{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-11-20T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "imagefolio-imagefolio-nphbuild-xss(10718)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718"}, {"name": "1005681", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1005681"}, {"name": "20021127 Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2"}, {"name": "6265", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/6265"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1334", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "imagefolio-imagefolio-nphbuild-xss(10718)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718"}, {"name": "1005681", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1005681"}, {"name": "20021127 Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2"}, {"name": "6265", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6265"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T03:19:28.641Z"}, "title": "CVE Program Container", "references": [{"name": "imagefolio-imagefolio-nphbuild-xss(10718)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718"}, {"name": "1005681", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1005681"}, {"name": "20021127 Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2"}, {"name": "6265", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/6265"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1334", "datePublished": "2002-12-03T05:00:00", "dateReserved": "2002-11-27T00:00:00", "dateUpdated": "2024-08-08T03:19:28.641Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.23:*:*:*:*:*:*:*", "matchCriteriaId": "D5662DE5-1F10-4B5F-8CF7-CB20C3244CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.24:*:*:*:*:*:*:*", "matchCriteriaId": "B95BBD99-5342-460F-B304-9D55528A0FF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.26:*:*:*:*:*:*:*", "matchCriteriaId": "73AD4E7B-E03B-4A8E-B68E-83F5C1947A4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:bizdesign:imagefolio:2.27:*:*:*:*:*:*:*", "matchCriteriaId": "DE34C2E9-1F43-494D-9C12-03690B040E64", "vulnerable": true}, {"criteria": "cpe:2.3:a:bizdesign:imagefolio:3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6B3B3AC7-9CE5-4073-8397-DE0D840F9D79", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via (1) the direct parameter in imageFolio.cgi, or (2) nph-build.cgi."}, {"lang": "es", "value": "Vulnerabilidad de scripting en sitios cruzados (XSS) en BizDesign Imageolio 3.01 y anteriores permiten a atacantes remotos ejecutar c\u00f3digo web arbitrario como otros usuarios mediante \r\n\r\nel par\u00e1metro directo en imageFolio.cgi, o\r\nnph-build.cgi"}], "id": "CVE-2002-1334", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-12-11T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1005681"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6265"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=103842773205148&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1005681"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/6265"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10718"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}