CVE-2012-1564

Опубликовано: 06 окт. 2012

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

http://www.openwall.com/lists/oss-security/2012/02/27/27
Exploit
http://www.openwall.com/lists/oss-security/2012/02/27/7
Exploit
http://www.openwall.com/lists/oss-security/2012/03/19/12
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/79529
http://www.openwall.com/lists/oss-security/2012/02/27/27
Exploit
http://www.openwall.com/lists/oss-security/2012/02/27/7
Exploit
http://www.openwall.com/lists/oss-security/2012/03/19/12
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/79529

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:yuriy_v_semenikhin:yvs_image_gallery:-:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00374

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-chcm-cfp6-rx55

github

больше 3 лет назад