Cross-site scripting (XSS) vulnerability in Goollery 0.03 allows remote attackers to inject arbitrary HTML or web script via the (1) page parameter to viewalbum.php or (2) btopage parameter to viewpic.php.
References
Link | Resource |
---|---|
http://securitytracker.com/id?1012062 | Exploit |
http://www.osvdb.org/11318 | |
http://www.osvdb.org/11319 | Exploit Patch |
http://www.osvdb.org/11320 | Exploit Patch |
http://www.osvdb.org/ref/11/11xxx-goollery_multiple.txt | Exploit |
http://www.securityfocus.com/bid/11587 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/17957 |
Configurations
History
No history.
Information
Published : 2004-12-31 05:00
Updated : 2024-02-04 16:31
NVD link : CVE-2004-2245
Mitre link : CVE-2004-2245
CVE.ORG link : CVE-2004-2245
JSON object : View
Products Affected
goollery
- goollery
CWE