4.3
CVE-2006-5598
- EPSS 1.18%
- Veröffentlicht 28.10.2006 01:07:00
- Zuletzt bearbeitet 16.06.2026 22:31:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCross-site scripting (XSS) vulnerability in index.php for GOOP Gallery 2.0, and possibly other versions before 2.0.3, allows remote attackers to inject arbitrary HTML or web script via the image parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Webgeneius ≫ Goop Gallery Version2.0
Webgeneius ≫ Goop Gallery Version2.0.1
Webgeneius ≫ Goop Gallery Version2.0.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.18% | 0.635 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
http://lostmon.blogspot.com/2006/10/goop-gallery-image-param-cross-site.html
http://securitytracker.com/id?1017081
http://webgeneius.com/index.php?mod=blog&id=49
http://www.securityfocus.com/bid/20554
https://exchange.xforce.ibmcloud.com/vulnerabilities/29643