CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-7134

Multiple cross-site scripting (XSS) vulnerabilities in the default URI in Chris LaPointe RedGalaxy Download Center 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter, (2) message parameter in a login action, (3) category parameter in a browse action, (4) now parameter, or (5) search parameter in a search_results action. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://download.redgalaxy.net/?nav=home
http://www.securityfocus.com/bid/28219
https://exchange.xforce.ibmcloud.com/vulnerabilities/41198
http://download.redgalaxy.net/?nav=home
http://www.securityfocus.com/bid/28219
https://exchange.xforce.ibmcloud.com/vulnerabilities/41198

Products affected by CVE-2008-7134

Redgalaxy » Download Center » Version: 1.2

cpe:2.3:a:redgalaxy:download_center:1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-7134

Products

Pricing

Contact Us