Lucene search
HistoryJan 10, 2005 - 5:00 a.m.
CVE-2004-1106
gallery
cross-site scripting
xss
vulnerability
web security
nvd
5.9 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.7%
Cross-site scripting (XSS) vulnerability in Gallery 1.4.4-pl3 and earlier allows remote attackers to execute arbitrary web script or HTML via “specially formed URLs,” possibly via the include parameter in index.php.
References
Related
osv
osv
gallery - several
2005-01-17 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200411-10 (gallery)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-642-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200411-10 (gallery)
2008-09-24 00:00:00
nessus
nessus
GLSA-200411-10 : Gallery: XSS vulnerability
2004-11-07 00:00:00
Debian DSA-642-1 : gallery - several vulnerabilities
2005-01-17 00:00:00
Gallery Unspecified HTML Injection
2004-11-04 00:00:00
debian
debian
[SECURITY] [DSA 642-1] New gallery packages fix several vulnerabilities
2005-01-17 15:21:39
[SECURITY] [DSA 642-1] New gallery packages fix several vulnerabilities
2005-01-17 00:00:00
cvelist
cvelist
CVE-2004-1106
2004-12-01 05:00:00
gentoo
gentoo
Gallery: Cross-site scripting vulnerability
2004-11-06 00:00:00
freebsd
freebsd
gallery -- cross-site scripting
2005-01-26 00:00:00
5.9 Medium
AI Score
Confidence
High
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.049 Low
EPSS
Percentile
92.7%
Related for CVE-2004-1106