Summary
An attacker may use the installed version of Mambo Site Server to perform a cross site scripting attack on this host or execute arbitrary code through the gallery image uploader under the administrator directory.
Solution
Upgrade to the latest version of this software.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2003-1204 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
- Apache Roller 'q' Parameter Cross Site Scripting Vulnerability
- Apache Tomcat SecurityConstraints Security Bypass Vulnerability
- Adobe ColdFusion Unspecified Information Disclosure Vulnerability
- AMSI 'file' Parameter Directory Traversal Vulnerability