exploitDog

CVE-2007-5013

Опубликовано: 20 сент. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) u, (2) p, (3) c, and (4) s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Ссылки

http://osvdb.org/37183
http://secunia.com/advisories/26886
Vendor Advisory
http://www.securityfocus.com/bid/25742
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/36708
http://osvdb.org/37183
http://secunia.com/advisories/26886
Vendor Advisory
http://www.securityfocus.com/bid/25742
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/36708

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phormer:phormer:3.31:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-8c9q-2qm2-g7xh

github

почти 4 года назад

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Phormer 3.31 allow remote attackers to inject arbitrary web script or HTML via the (1) u, (2) p, (3) c, and (4) s parameters, and other unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

EPSS

Процентиль: 52%

0.00285

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79