Vulnerability Details CVE-2009-2551
Multiple cross-site scripting (XSS) vulnerabilities in ScriptsEz Easy Image Downloader allow remote attackers to inject arbitrary web script or HTML via the id parameter in a detail action to (1) main.php and possibly (2) demo_page.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.4%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/55862
- http://packetstormsecurity.org/0907-exploits/eid-xss.txt
- http://secunia.com/advisories/35838
- http://www.securityfocus.com/bid/35701
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51722
- http://osvdb.org/55862
- http://packetstormsecurity.org/0907-exploits/eid-xss.txt
- http://secunia.com/advisories/35838
- http://www.securityfocus.com/bid/35701
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51722
Products affected by CVE-2009-2551
-
cpe:2.3:a:scriptsez:easy_image_downloader:-