exploitDog

CVE-2007-3137

Опубликовано: 08 июн. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in WmsCMS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sbl, (2) sbr, or (3) search parameter. NOTE: the original disclosure claims the pageid parameter in index.php is affected, but this is incorrect.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webmaster_solutions:wmscms:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04925

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-5qg9-jjv7-fhcw

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in 4print.asp in WmsCMS 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sbl, (2) sbr, or (3) search parameter. NOTE: the original disclosure claims the pageid parameter in index.php is affected, but this is incorrect.

EPSS

Процентиль: 89%

0.04925

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79