CVE-2015-2275

Published: 12/03/2015 Updated: 09/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 prior to 2014-12-26 allows remote malicious users to inject arbitrary web script or HTML via the parameters[data][7][title] parameter in a saveImageData action to index.php/AJAXProxy.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wotlab community gallery 2.0

#Vulnerability title: Community Gallery - Stored Cross-Site Scripting vulnerability #Product: Community Gallery #Vendor: wwwwoltlabcom #Affected version: Community Gallery 20 before 12/10/2014 #Download link: wwwwoltlabcom/purchase/?products[]=comwoltlabgallery #Fixed version: Community Gallery 20 after 12/26/2014 #CVE ID: C ...

Community Gallery version 20 prior to 12/10/2014 suffers from a cross site scripting vulnerability ...

CWE-79 http://www.itas.vn/news/itas-team-found-out-a-stored-xss-vulnerability-in-burning-board-community-gallery-77.html http://seclists.org/fulldisclosure/2015/Mar/65 http://packetstormsecurity.com/files/130766/Community-Gallery-2.0-Cross-Site-Scripting.html http://www.osvdb.org/119455 http://www.exploit-db.com/exploits/36368 http://www.securityfocus.com/bid/73053 http://www.securityfocus.com/archive/1/534841/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/36368/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-2275

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect