CVE-2008-1064

{"id": "CVE-2008-1064", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-02-28T20:44:00.000", "references": [{"url": "http://www.xssing.com/index.php?x=3&y=12", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41013", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) 2.0 module (aka rmgs) for XOOPS allows remote attackers to inject arbitrary web script or HTML via the q parameter."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en images.php del m\u00f3dulo Red Mexico RMSOFT Gallery System (GS) 2.0 module (tambi\u00e9n conocido como rmgs) para XOOPS permite a atacantes remotos inyectar web script o HMTL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro q."}], "lastModified": "2017-08-08T01:29:51.633", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:xoops:xoops_rmsoft_gallery_system:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D4241F0-7B5E-49F7-A73D-567957812673"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}