CVE-2008-2766

Xigla Absolute Image Gallery XE - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Xigla Absolute Image Gallery XE allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in (1) admin/search.asp and (2) gallery.asp.

References (5)

[Exploit] http://bugreport.ir/index.php?/41

[Exploit] http://marc.info/?l=bugtraq&m=121322052622903&w=2

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/43053

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/29672

[Third Party Advisory] http://securityreason.com/securityalert/3950

Scores

EPSS 0.0034

EPSS Percentile 56.4%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

xigla/absolute_image_gallery_xe

Timeline

Published Jun 18, 2008

Tracked Since Feb 18, 2026