Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2698

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-2698
Last Modified 29 Jan 2009 01:50:58
Published 13 Jun 2008 03:41:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2698

Summary

Multiple cross-site scripting (XSS) vulnerabilities in photo_add-c.php (aka the "add comment" section) in WEBalbum 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) id, or (3) category parameter.

Vulnerable Systems

Application

  • Web-album Webalbum 2.0


References

XF - webalbum-photoaddc-xss(42893)

BID - 29580

BUGTRAQ - 20080605 WEBAlbum <= 2.0 Remote Stored Cross Site Scripting Vulnerability

SREASON - 3940


Last Updated: 27 May 2016 10:47:57