Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6211

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-6211
Last Modified 20 Feb 2009 12:00:00
Published 19 Feb 2009 08:30:05
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-6211

Summary

Multiple cross-site scripting (XSS) vulnerabilities in PhpForums.net mcGallery 1.1 allow remote attackers to inject arbitrary web script or HTML via the lang parameter to (1) admin.php, (2) index.php, (3) sess.php, (4) stats.php, (5) detail.php, (6) resize.php, and (7) show.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Mcgallerypro Mcgallery 1.1


References

XF - mcgallery-lang-xss(41637)

BID - 28587

MISC - http://www.juniper.net/security/auto/vulnerabilities/vuln28587.html

MISC - http://downloads.securityfocus.com/vulnerabilities/exploits/28587.html


Last Updated: 27 May 2016 10:49:06