CVEDB API

Vulnerability Details CVE-2006-1411

Cross-site scripting (XSS) vulnerability in Absolute Image Gallery XE 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via (1) the shownew parameter in gallery.asp and (2) unspecified search module parameters.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.6%

CVSS Severity

CVSS v2 Score 4.3

References

http://pridels0.blogspot.com/2006/03/absolute-image-gallery-xe-20-xss-vuln.html
http://www.osvdb.org/24214
http://www.securityfocus.com/bid/18712
http://www.vupen.com/english/advisories/2006/1103
https://exchange.xforce.ibmcloud.com/vulnerabilities/25466
http://pridels0.blogspot.com/2006/03/absolute-image-gallery-xe-20-xss-vuln.html
http://www.osvdb.org/24214
http://www.securityfocus.com/bid/18712
http://www.vupen.com/english/advisories/2006/1103
https://exchange.xforce.ibmcloud.com/vulnerabilities/25466

Products affected by CVE-2006-1411

Xigla » Absolute Image Gallery Xe » Version: Any

cpe:2.3:a:xigla:absolute_image_gallery_xe:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-1411

Products

Pricing

Contact Us