CVE-2008-5068

Published: Nov 13, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Kmita Gallery allow remote attackers to inject arbitrary web script or HTML via the (1) begin parameter to index.php and the (2) searchtext parameter to search.php. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected (1)

Products: Kkeim: Kmita Gallery

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Kkeim Kmita Gallery	All versions

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (8)

http://secunia.com/advisories/32445

Source: cve@mitre.org

Vendor Advisory

http://www.osvdb.org/49444

Source: cve@mitre.org

http://www.osvdb.org/49445

Source: cve@mitre.org

http://www.securityfocus.com/bid/31970

Source: cve@mitre.org

http://secunia.com/advisories/32445

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/49444

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/49445

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/31970

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.