CVE-2005-0274

Опубликовано: 03 янв. 2005

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in showgallery.php in PhotoPost before 4.86 allow remote attackers to inject arbitrary web script or HTML via the (1) cat, (2) si, (3) page, or (4) ppuser parameters.

Ссылки

http://marc.info/?l=bugtraq&m=110486165802196&w=2
http://secunia.com/advisories/13680/
Exploit
Vendor Advisory
http://www.gulftech.org/?node=research&article_id=00063-01032005
Patch
Vendor Advisory
http://www.securityfocus.com/bid/12156
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18744
http://marc.info/?l=bugtraq&m=110486165802196&w=2
http://secunia.com/advisories/13680/
Exploit
Vendor Advisory
http://www.gulftech.org/?node=research&article_id=00063-01032005
Patch
Vendor Advisory
http://www.securityfocus.com/bid/12156
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18744

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:photopost:photopost_php_pro:*:*:*:*:*:*:*:*

Версия до 4.85 (включая)

EPSS

Процентиль: 89%

0.0487

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c84v-5vhm-rxh7

github

почти 4 года назад