Lucene search

[email protected]CVE-2012-0975

HistoryFeb 02, 2012 - 5:55 p.m.

CVE-2012-0975

2012-02-0217:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-0975

cross-site scripting

xss

image hosting

dpi

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.7%

JSON

Cross-site scripting (XSS) vulnerability in misc.php in Image Hosting Script DPI 1.0, 1.3, and earlier allows remote attackers to inject arbitrary web script or HTML via the showseries parameter.

Affected configurations

NVD

Node

clixintimage_hosting_script_dpiRange≤1.3

clixintimage_hosting_script_dpiMatch1.0

CPENameOperatorVersion
clixint:image_hosting_script_dpiclixint image hosting script dpile1.3
clixint:image_hosting_script_dpiclixint image hosting script dpieq1.0

CPE	Name	Operator	Version
clixint:image_hosting_script_dpi	clixint image hosting script dpi	le	1.3
clixint:image_hosting_script_dpi	clixint image hosting script dpi	eq	1.0

References

osvdb.org/78660

packetstormsecurity.org/files/view/109240/dpi10-xss.txt

secunia.com/advisories/47786

www.securityfocus.com/bid/51734

exchange.xforce.ibmcloud.com/vulnerabilities/72823

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.7%

JSON

Related for CVE-2012-0975

prion1 nvd1 cvelist1