CVE-2005-2737

Published: Aug 30, 2005Modified: Apr 16, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in PhotoPost PHP Pro 5.1 allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag.

Affected (1)

Products: Photopost: Photopost Php Pro

Photopost

1 product

Photopost Php Pro

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Photopost Photopost Php Pro	Version 5.1

References (12)

http://cedri.cc/advisories/EXIF_XSS.txt

Source: cve@mitre.org

Vendor Advisory

http://marc.info/?l=bugtraq&m=112511025414488&w=2

Source: cve@mitre.org

http://secunia.com/advisories/16597/

Source: cve@mitre.org

http://securitytracker.com/id?1014803

Source: cve@mitre.org

http://www.securityfocus.com/bid/14671

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/22020

Source: cve@mitre.org

http://cedri.cc/advisories/EXIF_XSS.txt