CVE-2007-1551

Опубликовано: 20 мар. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in phpx 3.5.15 allow remote attackers to inject arbitrary web script or HTML via (1) the signature in "dans profile," or (2) search.php.

Ссылки

http://osvdb.org/34412
http://osvdb.org/34413
http://secunia.com/advisories/24565
http://securityreason.com/securityalert/2457
http://www.securityfocus.com/archive/1/463192/100/0/threaded
http://www.securityfocus.com/bid/23033
http://www.vupen.com/english/advisories/2007/1087
https://exchange.xforce.ibmcloud.com/vulnerabilities/33153
https://exchange.xforce.ibmcloud.com/vulnerabilities/33154
http://osvdb.org/34412
http://osvdb.org/34413
http://secunia.com/advisories/24565
http://securityreason.com/securityalert/2457
http://www.securityfocus.com/archive/1/463192/100/0/threaded
http://www.securityfocus.com/bid/23033
http://www.vupen.com/english/advisories/2007/1087
https://exchange.xforce.ibmcloud.com/vulnerabilities/33153
https://exchange.xforce.ibmcloud.com/vulnerabilities/33154

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpx:phpx:3.5.15:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00791

Низкий

4.3 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-h766-5rvh-rfw9

github

почти 4 года назад