Lucene search

[email protected]CVE-2008-4336

HistorySep 30, 2008 - 5:22 p.m.

CVE-2008-4336

2008-09-3017:22:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-4336

cross-site scripting

xss

atomic photo album

apa

security vulnerability

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.4%

JSON

Cross-site scripting (XSS) vulnerability in album.php in Atomic Photo Album (APA) 1.1.0pre4 allows remote attackers to inject arbitrary web script or HTML via the apa_album_ID parameter.

CPENameOperatorVersion
constantin_charissis:atomic_photo_albumconstantin charissis atomic photo albumeq1.1.0_pre4

CPE	Name	Operator	Version
constantin_charissis:atomic_photo_album	constantin charissis atomic photo album	eq	1.1.0_pre4

References

www.securityfocus.com/bid/31409

exchange.xforce.ibmcloud.com/vulnerabilities/45432

www.exploit-db.com/exploits/6572

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

57.4%

JSON

Related for CVE-2008-4336

prion1 cvelist1