Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and previous versions allows remote malicious users to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bizdesign imagefolio 2.27 |
||
bizdesign imagefolio 3.0.1 |
||
bizdesign imagefolio 2.24 |
||
bizdesign imagefolio 2.26 |
||
bizdesign imagefolio 2.23 |