Vulnerability Details CVE-2002-1334
Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=103842773205148&w=2
- http://securitytracker.com/id?1005681
- http://www.securityfocus.com/bid/6265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10718
- http://marc.info/?l=bugtraq&m=103842773205148&w=2
- http://securitytracker.com/id?1005681
- http://www.securityfocus.com/bid/6265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10718
Products affected by CVE-2002-1334
-
cpe:2.3:a:bizdesign:imagefolio:2.23
-
cpe:2.3:a:bizdesign:imagefolio:2.24
-
cpe:2.3:a:bizdesign:imagefolio:2.26
-
cpe:2.3:a:bizdesign:imagefolio:2.27
-
cpe:2.3:a:bizdesign:imagefolio:3.0.1