Описание
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-3198
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34812
- http://osvdb.org/35374
- http://secunia.com/advisories/25616
- http://securityreason.com/securityalert/2797
- http://www.securityfocus.com/archive/1/471046/100/0/threaded
- http://www.securityfocus.com/archive/1/494549/100/0/threaded
- http://www.securityfocus.com/bid/24409
- http://www.securityfocus.com/bid/30309
- http://www.secvsn.com/content/Advisories/sr-060607-maran.html
- http://www.vupen.com/english/advisories/2007/2148
EPSS
Процентиль: 94%
0.11884
Средний
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
EPSS
Процентиль: 94%
0.11884
Средний