Lucene search

MitreCVE-2007-5888

HistoryNov 07, 2007 - 9:46 p.m.

CVE-2007-5888

2007-11-0721:46:00

CWE-79

mitre

web.nvd.nist.gov

cve-2007-5888

xss

web script injection

html injection

security vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

75.4%

JSON

Cross-site scripting (XSS) vulnerability in displayecard.php in Coppermine Photo Gallery (CPG) before 1.4.14 allows remote attackers to inject arbitrary web script or HTML via the data parameter.

Affected configurations

Nvd

Node

copperminecoppermine_photo_galleryRange≤1.4.13

VendorProductVersionCPE
copperminecoppermine_photo_gallery*cpe:2.3:a:coppermine:coppermine_photo_gallery:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
coppermine	coppermine_photo_gallery	*	cpe:2.3:a:coppermine:coppermine_photo_gallery::::::::

References

coppermine-gallery.net/forum/index.php?topic=48106.0

osvdb.org/38420

secunia.com/advisories/27534

www.securityfocus.com/bid/26357

exchange.xforce.ibmcloud.com/vulnerabilities/38290

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.004

Percentile

75.4%

JSON

Related for CVE-2007-5888