CVE

Id
27664  
CVE No.
CVE-2007-4307  
Status
Candidate  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Storesprite 7 and earlier allow remote attackers to inject arbitrary web script or HTML via the next parameter to (1) addaddress.php, (2) editshipdetails.php, (3) register.php, or (4) login.php in secure/.  
Phase
Assigned (20070813)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
284724 27664 CVE-2007-4307 MISC:http://pridels-team.blogspot.com/2007/08/storesprite-xss-vuln.html  View
284725 27664 CVE-2007-4307 CONFIRM:http://www.storesprite.com/forum/comments.php?DiscussionID=272&page=1#Item_0  View
284726 27664 CVE-2007-4307 BID:25266  View
284727 27664 CVE-2007-4307 URL:http://www.securityfocus.com/bid/25266  View
284728 27664 CVE-2007-4307 VUPEN:ADV-2007-2853  View
284729 27664 CVE-2007-4307 URL:http://www.vupen.com/english/advisories/2007/2853  View
284730 27664 CVE-2007-4307 OSVDB:36458  View
284731 27664 CVE-2007-4307 URL:http://osvdb.org/36458  View
284732 27664 CVE-2007-4307 OSVDB:36459  View
284733 27664 CVE-2007-4307 URL:http://osvdb.org/36459  View
284734 27664 CVE-2007-4307 OSVDB:36460  View
284735 27664 CVE-2007-4307 URL:http://osvdb.org/36460  View
284736 27664 CVE-2007-4307 OSVDB:36461  View
284737 27664 CVE-2007-4307 URL:http://osvdb.org/36461  View
284738 27664 CVE-2007-4307 SECUNIA:26408  View
284739 27664 CVE-2007-4307 URL:http://secunia.com/advisories/26408  View
284740 27664 CVE-2007-4307 XF:storesprite-next-xss(35933)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
51932 JVNDB-2007-000595 IBM Lotus Notes におけるパスワードを奪取可能な問題 IBM Lotus Notes には、notes.ini において KMF_ShowEntropy および Debug_Outfile のデバッグ変数を設定している場合、notes.id パスワードが平文であるために奪取可能である問題が存在します。 CVE-2007-4309 27664 3.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000595.html  View