exploitDog

CVE-2018-14478

Опубликовано: 07 мая 2019

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.

Ссылки

http://forum.coppermine-gallery.net/index.php/board%2C58.0.html
http://packetstormsecurity.com/files/151306/Coppermine-1.5.46-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
http://forum.coppermine-gallery.net/index.php/board%2C58.0.html
http://packetstormsecurity.com/files/151306/Coppermine-1.5.46-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:coppermine-gallery:coppermine_photo_gallery:1.5.46:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00211

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-jc7v-m8xx-gcf7

github

больше 3 лет назад

ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter.

EPSS

Процентиль: 44%

0.00211

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79