CVE-2003-0614
Gallery 1.2/1.3.x - Search Engine Cross-Site Scripting
Severity Score
4.3
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
Vulnerabilidad en sitios cruzados en search.php de Gallery 1.1 a 1.3.4 permite a atacantes remotos insertar script web mediante el parĂ¡metro searchstring
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2003-07-27 First Exploit
- 2003-07-30 CVE Reserved
- 2003-08-01 CVE Published
- 2024-05-29 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0 | X_refsource_confirm | |
| http://marc.info/?l=bugtraq&m=106252092421469&w=2 | Mailing List | |
| http://www.securityfocus.com/archive/1/330676 | Mailing List | |
| http://www.securityfocus.com/archive/1/348641/30/21790/threaded | Mailing List |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/22961 | 2003-07-27 |
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2003/dsa-355 | 2018-10-19 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.1 Search vendor "Gallery Project" for product "Gallery" and version "1.1" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2 Search vendor "Gallery Project" for product "Gallery" and version "1.2" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.1 Search vendor "Gallery Project" for product "Gallery" and version "1.2.1" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.1_p1 Search vendor "Gallery Project" for product "Gallery" and version "1.2.1_p1" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.2 Search vendor "Gallery Project" for product "Gallery" and version "1.2.2" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.3 Search vendor "Gallery Project" for product "Gallery" and version "1.2.3" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.4 Search vendor "Gallery Project" for product "Gallery" and version "1.2.4" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.2.5 Search vendor "Gallery Project" for product "Gallery" and version "1.2.5" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.3 Search vendor "Gallery Project" for product "Gallery" and version "1.3" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.3.1 Search vendor "Gallery Project" for product "Gallery" and version "1.3.1" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.3.2 Search vendor "Gallery Project" for product "Gallery" and version "1.3.2" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.3.3 Search vendor "Gallery Project" for product "Gallery" and version "1.3.3" | - |
Affected
| ||||||
| Gallery Project Search vendor "Gallery Project" | Gallery Search vendor "Gallery Project" for product "Gallery" | 1.3.4 Search vendor "Gallery Project" for product "Gallery" and version "1.3.4" | - |
Affected
| ||||||