Summary
This host is running Flashlight Free Edition and is prone to Cross Site Scripting Vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary HTML script codes in a user's established login session into the context of an affected site running the vulnerable web application.
Impact Level: Network/Application.
Solution
Apply patch,
http://www.clixint.com/support/viewtopic.php?f=3&t=542
*****
NOTE: Ignore this warning, if above mentioned patch is already applied.
*****
Insight
This flaw is due to an error in 'images.php' which doesn't verify user supplied input before being used via 'date' parameter.
Affected
Image Hosting Script DPI 1.1 Final and prior on all running platform.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-4252 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities