CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-0573

Multiple cross-site scripting (XSS) vulnerabilities in FotoWeb 6.0 (Build 273) allow remote attackers to inject arbitrary web script or HTML via the (1) s parameter to cmdrequest/Login.fwx and the (2) search parameter to Grid.fwx.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/33879
http://www.fortconsult.net/images/pdf/advisories/FotoWebXSS_final.pdf
http://www.securityfocus.com/bid/33677
http://secunia.com/advisories/33879
http://www.fortconsult.net/images/pdf/advisories/FotoWebXSS_final.pdf
http://www.securityfocus.com/bid/33677

Products affected by CVE-2009-0573

Fotoware » Fotoweb » Version: 6.0

cpe:2.3:a:fotoware:fotoweb:6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-0573

Products

Pricing

Contact Us