Vulnerability Details CVE-2002-1334
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.6%
CVSS Severity
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=103842773205148&w=2
- http://securitytracker.com/id?1005681
- http://www.securityfocus.com/bid/6265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10718
- http://marc.info/?l=bugtraq&m=103842773205148&w=2
- http://securitytracker.com/id?1005681
- http://www.securityfocus.com/bid/6265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10718
Products affected by CVE-2002-1334
-
cpe:2.3:a:bizdesign:imagefolio:2.23
-
cpe:2.3:a:bizdesign:imagefolio:2.24
-
cpe:2.3:a:bizdesign:imagefolio:2.26
-
cpe:2.3:a:bizdesign:imagefolio:2.27
-
cpe:2.3:a:bizdesign:imagefolio:3.0.1