Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4806
cve
2011
4806
cross-site scripting
xss
phpalbum
security vulnerability
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.8%
Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword parameters.
Affected configurations
Node
phpalbumphpalbumRange≤0.4.1.16
ORphpalbumphpalbumMatch0.2.1
ORphpalbumphpalbumMatch0.2.2
ORphpalbumphpalbumMatch0.2.3
ORphpalbumphpalbumMatch0.2.4
ORphpalbumphpalbumMatch0.3.0
ORphpalbumphpalbumMatch0.3.1
ORphpalbumphpalbumMatch0.3.1fix01
ORphpalbumphpalbumMatch0.3.1fix02
ORphpalbumphpalbumMatch0.3.2
ORphpalbumphpalbumMatch0.4.1-14
ORphpalbumphpalbumMatch0.4.1-14fix01
ORphpalbumphpalbumMatch0.4.1-14fix02
ORphpalbumphpalbumMatch0.4.1-14fix03
ORphpalbumphpalbumMatch0.4.1-14fix05
ORphpalbumphpalbumMatch0.4.1-14fix06
ORphpalbumphpalbumMatch0.4.1.14
ORphpalbumphpalbumMatch0.4.1.15
References
Related
cvelist
cvelist
CVE-2011-4806
2022-10-03 16:15:13
nvd
nvd
CVE-2011-4806
2011-12-14 00:55:06
prion
prion
Cross site scripting
2011-12-14 00:55:00
openvas
openvas
phpAlbum Multiple Security Vulnerabilities
2011-11-01 00:00:00
phpAlbum Multiple Security Vulnerabilities
2011-11-01 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
46.8%
Related for CVE-2011-4806