CVE-2007-5291

Опубликовано: 09 окт. 2007

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Edit.asp in DB Manager 2.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Ссылки

http://pridels-team.blogspot.com/2007/10/db-manager-xss-vuln.html
http://secunia.com/advisories/27120
Vendor Advisory
http://www.securityfocus.com/bid/25964
http://www.vupen.com/english/advisories/2007/3422
https://exchange.xforce.ibmcloud.com/vulnerabilities/36985
http://pridels-team.blogspot.com/2007/10/db-manager-xss-vuln.html
http://secunia.com/advisories/27120
Vendor Advisory
http://www.securityfocus.com/bid/25964
http://www.vupen.com/english/advisories/2007/3422
https://exchange.xforce.ibmcloud.com/vulnerabilities/36985

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:daniel_broadbent:db_manager:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 57%

0.00351

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-q2p3-jh4c-pjx8

github

почти 4 года назад