Lucene search
ZoRLuEDB-ID:31355HistoryMar 07, 2008 - 12:00 a.m.
ImageVue 1.7 - 'dirxml.php?path' Cross-Site Scripting
2008-03-0700:00:00
ZoRLu
www.exploit-db.com
16
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/28138/info
Imagevue is prone to multiple cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.
Imagevue 1.7 is vulnerable; other versions may also be affected.
http://www.example.com/upload/dirxml.php?path="><script>alert("xss")</script>Related
cvelist
cvelist
CVE-2008-1273
2008-03-10 23:00:00
exploitdb
exploitdb
ImageVue 1.7 - 'popup.php?path' Cross-Site Scripting
2008-03-07 00:00:00
ImageVue 1.7 - 'dir2.php?path' Cross-Site Scripting
2008-03-07 00:00:00
ImageVue 1.7 - 'upload.php?path' Cross-Site Scripting
2008-03-07 00:00:00
prion
prion
Cross site scripting
2008-03-10 23:44:00
nvd
nvd
CVE-2008-1273
2008-03-10 23:44:00
cve
cve
CVE-2008-1273
2008-03-10 23:44:00