mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
111 lines
3.4 KiB
JSON
111 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2002-1334",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2002-12-11T05:00:00.000",
|
|
"lastModified": "2017-07-11T01:29:13.727",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de scripting en sitios cruzados (XSS) en BizDesign Imageolio 3.01 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo web arbitrario como otros usuarios mediante \r\n\r\nel par\u00e1metro directo en imageFolio.cgi, o\r\nnph-build.cgi"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.8
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": true,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.23:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D5662DE5-1F10-4B5F-8CF7-CB20C3244CC1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.24:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B95BBD99-5342-460F-B304-9D55528A0FF6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "73AD4E7B-E03B-4A8E-B68E-83F5C1947A4A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE34C2E9-1F43-494D-9C12-03690B040E64"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:bizdesign:imagefolio:3.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6B3B3AC7-9CE5-4073-8397-DE0D840F9D79"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1005681",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/6265",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |