CVE-2008-1064: XSS
First published: Thu Feb 28 2008(Updated: )
Cross-site scripting (XSS) vulnerability in images.php in the Red Mexico RMSOFT Gallery System (GS) 2.0 module (aka rmgs) for XOOPS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Xoops Rmsoft Gallery System | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-1064?
CVE-2008-1064 is classified as a medium severity vulnerability due to its potential for exploitation through cross-site scripting.
How do I fix CVE-2008-1064?
To fix CVE-2008-1064, it is recommended to upgrade to a patched version of the Red Mexico RMSOFT Gallery System or implement input validation and sanitization for the q parameter.
What type of attack is CVE-2008-1064 primarily associated with?
CVE-2008-1064 is primarily associated with cross-site scripting (XSS) attacks, allowing attackers to inject malicious scripts into web pages.
Which software is affected by CVE-2008-1064?
CVE-2008-1064 specifically affects version 2.0 of the Red Mexico RMSOFT Gallery System for the XOOPS platform.
Can CVE-2008-1064 be exploited remotely?
Yes, CVE-2008-1064 can be exploited remotely by attackers to execute arbitrary web scripts or HTML on affected installations.
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/weakness
- vendor/xoops
- canonical/xoops rmsoft gallery system
- version/xoops rmsoft gallery system/2.0