Test Kennung:	1.3.6.1.4.1.25623.1.0.15717
Kategorie:	Web application abuses
Titel:	Goollery Multiple XSS
Zusammenfassung:	Goollery, a GMail based photo gallery written in PHP,; is installed on this remote host.;; According to it's version number, this host is vulnerable to multiple; cross-site-scripting (XSS) attacks eg. through the 'viewpic.php'; script.
Beschreibung:	Summary: Goollery, a GMail based photo gallery written in PHP, is installed on this remote host. According to it's version number, this host is vulnerable to multiple cross-site-scripting (XSS) attacks eg. through the 'viewpic.php' script. Vulnerability Impact: An attacker, exploiting these flaws, would need to be able to coerce a user to browse a malicious URI. Upon successful exploitation, the attacker would be able to run code within the web-browser in the security context of the remote server. Solution: Upgrade to Goollery 0.04b or newer. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Querverweis:	BugTraq ID: 11587 Common Vulnerability Exposure (CVE) ID: CVE-2004-2245 http://www.securityfocus.com/bid/11587 http://www.osvdb.org/ref/11/11xxx-goollery_multiple.txt http://www.osvdb.org/11318 http://www.osvdb.org/11319 http://www.osvdb.org/11320 http://securitytracker.com/id?1012062 XForce ISS Database: goollery-viewalbum-viewpic-xss(17957) https://exchange.xforce.ibmcloud.com/vulnerabilities/17957
Copyright	Copyright (C) 2004 David Maciejak

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.