CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1273

Multiple cross-site scripting (XSS) vulnerabilities in imageVue 1.7 allow remote attackers to inject arbitrary web script or HTML via the path parameter to (1) popup.php, (2) test/dir2.php, (3) admin/upload.php, and (4) dirxml.php in upload/. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.8%

CVSS Severity

CVSS v2 Score 4.3

References

http://downloads.securityfocus.com/vulnerabilities/exploits/28138.html
http://www.securityfocus.com/bid/28138
https://exchange.xforce.ibmcloud.com/vulnerabilities/41169
http://downloads.securityfocus.com/vulnerabilities/exploits/28138.html
http://www.securityfocus.com/bid/28138
https://exchange.xforce.ibmcloud.com/vulnerabilities/41169

Products affected by CVE-2008-1273

Imagevue » Imagevue » Version: 1.7

cpe:2.3:a:imagevue:imagevue:1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1273

Products

Pricing

Contact Us