Vulnerability CVE-2007-2098
Published: 2007-04-18   Modified: 2012-02-12

Description:
Multiple cross-site scripting (XSS) vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) pic and (2) gal parameters.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Wabbit PHP Gallery v0.9 Cross Site Scripting
the_3dit0r yahoo...
19.04.2007

Type:

CWE-Other

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Wabbit -> Wabbit php gallery 

 References:
http://securityreason.com/securityalert/2574
http://www.securityfocus.com/archive/1/465985/100/0/threaded
http://www.securityfocus.com/bid/23526
https://exchange.xforce.ibmcloud.com/vulnerabilities/33717
Copyright 2024, cxsecurity.com

 

Back to Top