Lucene search
HistoryDec 10, 2009 - 4:30 p.m.
CVE-2009-4266
cve-2009-4266
cross-site scripting
xss
yabsoft advanced image hosting
aih script 2.2
security vulnerability
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.1%
Cross-site scripting (XSS) vulnerability in search.php in YABSoft Advanced Image Hosting (AIH) Script 2.2, and possibly 2.3, allows remote attackers to inject arbitrary web script or HTML via the text parameter.
Affected configurations
Node
yabsoftadvanced_image_hosting_scriptMatch2.2
ORyabsoftadvanced_image_hosting_scriptMatch2.3
Related
prion
prion
Cross site scripting
2009-12-10 16:30:00
cvelist
cvelist
CVE-2009-4266
2009-12-10 16:00:00
nvd
nvd
CVE-2009-4266
2009-12-10 16:30:00
openvas
openvas
YABSoft AIHS Cross Site Scripting and SQL Injection Vulnerabilities
2009-12-17 00:00:00
YABSoft AIHS Cross Site Scripting and SQL Injection Vulnerabilities
2009-12-17 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
56.1%
Related for CVE-2009-4266