Test ID: | 1.3.6.1.4.1.25623.1.0.15717 |
Category: | Web application abuses |
Title: | Goollery Multiple XSS |
Summary: | Goollery, a GMail based photo gallery written in PHP, is installed on this remote host. According to its version number, this host is vulnerable to multiple cross-site scripting (XSS) attacks, e.g. through the 'viewpic.php' script. |
Description: | Summary: Goollery, a GMail based photo gallery written in PHP, is installed on this remote host. According to its version number, this host is vulnerable to multiple cross-site scripting (XSS) attacks, e.g. through the 'viewpic.php' script. Vulnerability Impact: An attacker exploiting these flaws would need to be able to coerce a user to browse a malicious URI. Upon successful exploitation, the attacker would be able to run code within the web browser in the security context of the remote server. Solution: Upgrade to Goollery 0.04b or newer. CVSS Score: 4.3. CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N |
Cross-reference: | BugTraq ID: 11587; Common Vulnerability Exposure (CVE) ID: CVE-2004-2245; http://www.securityfocus.com/bid/11587; http://www.osvdb.org/ref/11/11xxx-goollery_multiple.txt; http://www.osvdb.org/11318; http://www.osvdb.org/11319; http://www.osvdb.org/11320; http://securitytracker.com/id?1012062; XForce ISS Database: goollery-viewalbum-viewpic-xss(17957); https://exchange.xforce.ibmcloud.com/vulnerabilities/17957 |
Copyright: | Copyright (C) 2004 David Maciejak |