CVE

Id
26626  
CVE No.
CVE-2007-3269  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Papoo Light 3.6 before 20070611 allow remote attackers to inject arbitrary web script or HTML via (1) the URI in a GET request or (2) the Title field of a visitor comment, and (3) allow remote authenticated users to inject arbitrary web script or HTML via a message to another user. NOTE: vector (2) might overlap CVE-2006-3571.1.  
Phase
Assigned (20070619)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
270426 26626 CVE-2007-3269 BUGTRAQ:20070615 Papoo CMS - Multiple Cross Site Scripting  View
270427 26626 CVE-2007-3269 URL:http://www.securityfocus.com/archive/1/archive/1/471490/100/0/threaded  View
270428 26626 CVE-2007-3269 CONFIRM:http://www.papoo.de/index/menuid/204/reporeid/215  View
270429 26626 CVE-2007-3269 BID:24494  View
270430 26626 CVE-2007-3269 URL:http://www.securityfocus.com/bid/24494  View
270431 26626 CVE-2007-3269 OSVDB:37544  View
270432 26626 CVE-2007-3269 URL:http://osvdb.org/37544  View
270433 26626 CVE-2007-3269 OSVDB:37545  View
270434 26626 CVE-2007-3269 URL:http://osvdb.org/37545  View
270435 26626 CVE-2007-3269 OSVDB:37546  View
270436 26626 CVE-2007-3269 URL:http://osvdb.org/37546  View
270437 26626 CVE-2007-3269 SECUNIA:25708  View
270438 26626 CVE-2007-3269 URL:http://secunia.com/advisories/25708  View
270439 26626 CVE-2007-3269 SREASON:2825  View
270440 26626 CVE-2007-3269 URL:http://securityreason.com/securityalert/2825  View
270441 26626 CVE-2007-3269 XF:papoo-multiple-xss(34888)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
57016 JVNDB-2007-005708 YourFreeScreamer の templates/2blue/bodyTemplate.php における PHP リモートファイルインクルージョンの脆弱性 YourFreeScreamer の templates/2blue/bodyTemplate.php には、PHP リモートファイルインクルージョンの脆弱性が存在します。 CVE-2007-3271 26626 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005708.html  View