Published: 11/12/2002 Updated: 11/07/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 690

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and previous versions allows remote malicious users to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bizdesign imagefolio 2.27
bizdesign imagefolio 3.0.1
bizdesign imagefolio 2.24
bizdesign imagefolio 2.26
bizdesign imagefolio 2.23

source: wwwsecurityfocuscom/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input The vulnerability exists in various cgi scripts included with ImageFolio As a result, it is possible for a remote attacker to create a malicious link containing script code ...

source: wwwsecurityfocuscom/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input The vulnerability exists in various cgi scripts included with ImageFolio As a result, it is possible for a remote attacker to create a malicious link containing script code wh ...

NVD-CWE-Other http://securitytracker.com/id?1005681 http://www.securityfocus.com/bid/6265 http://marc.info/?l=bugtraq&m=103842773205148&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/10718 https://nvd.nist.gov https://www.exploit-db.com/exploits/22051/

CVE-2002-1334

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect