CVE

Id
52484  
CVE No.
CVE-2011-4572  
Status
Candidate  
Description
Cross-site scripting (XSS) vulnerability in inc/tesmodrewite.php in CF Image Hosting Script 1.3.82, 1.4.1, and probably other versions before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: this was originally reported as a file disclosure vulnerability, but this is likely inaccurate.  
Phase
Assigned (20111128)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
558969 52484 CVE-2011-4572 EXPLOIT-DB:17927  View
558970 52484 CVE-2011-4572 URL:http://www.exploit-db.com/exploits/17927  View
558971 52484 CVE-2011-4572 MISC:http://packetstormsecurity.org/files/view/105524/cfimagehosting1382-disclose.txt  View
558972 52484 CVE-2011-4572 OSVDB:76059  View
558973 52484 CVE-2011-4572 URL:http://osvdb.org/76059  View
558974 52484 CVE-2011-4572 SECUNIA:46290  View
558975 52484 CVE-2011-4572 URL:http://secunia.com/advisories/46290  View
558976 52484 CVE-2011-4572 XF:cfimagehostingscript-tesmodrewrite-xss(70347)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
25313 JVNDB-2012-001020 OpenSSL におけるサービス運用妨害 (表明違反) の脆弱性 OpenSSL には、RFC3779 のサポートが有効になっている場合、サービス運用妨害 (表明違反) 状態となる脆弱性が存在します。 CVE-2011-4577 52484 4.3 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001020.html  View