VDB-36858 · CVE-2007-2732 · BID 23999

Jetbox CMS 2.1 title cross site scriting

A vulnerability, which was classified as critical, was found in Jetbox CMS 2.1 (Content Management System). Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	03/13/2015 02:56 PM	10/17/2017 11:59 AM
type	Content Management System	Content Management System
name	Jetbox CMS	Jetbox CMS
version	2.1	2.1
argument	title	title
risk	1	1
cvss2_vuldb_basescore	6.8	6.8
cvss2_vuldb_tempscore	6.1	6.1
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	M	M
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	P	P
cvss2_vuldb_ai	P	P
cvss2_nvd_av	N	N
cvss2_nvd_ac	M	M
cvss2_nvd_au	N	N
cvss2_nvd_ci	P	P
cvss2_nvd_ii	P	P
cvss2_nvd_ai	P	P
cvss3_meta_basescore	6.3	6.3
cvss3_meta_tempscore	6.0	6.0
cvss3_vuldb_basescore	6.3	6.3
cvss3_vuldb_tempscore	6.0	6.0
date	1179205930 (05/15/2007)	1179205930 (05/15/2007)
url	http://www.vupen.com/english/advisories/2007/1831	http://www.vupen.com/english/advisories/2007/1831
person_name	Michael Jordon	Michael Jordon
company_name	Mikhail Markin	Mikhail Markin
availability	1	1
publicity	1	1
price_0day	$0-$5k	$0-$5k
cve	CVE-2007-2732	CVE-2007-2732
cve_assigned	1179273600	1179273600
cve_nvd_published	1179273600	1179273600
cve_nvd_summary	Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.	Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.
osvdb	37451	37451
osvdb_create	1182143536	1182143536
osvdb_title	Jetbox CMS view/search/ path Parameter XSS	Jetbox CMS view/search/ path Parameter XSS
securityfocus	23999	23999
securityfocus_date	1179187200 (05/15/2007)	1179187200 (05/15/2007)
securityfocus_class	Input Validation Error	Input Validation Error
securityfocus_title	Jetbox CMS Multiple Cross Site Scripting Vulnerabilities	Jetbox CMS Multiple Cross Site Scripting Vulnerabilities
vupen	ADV-2007-1831	ADV-2007-1831
seealso	85859	85859
cwe	80 (cross site scripting)	80 (cross site scripting)
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	L	L
cvss3_vuldb_ui	R	R
location	Website	Website
cvss2_vuldb_e	POC	POC
cvss2_vuldb_rl	ND	ND
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	P	P
cvss3_vuldb_rl	X	X
cvss3_vuldb_rc	X	X
cvss3_vuldb_pr	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	L	L
cvss3_vuldb_a	L	L
url		http://www.securityfocus.com/data/vulnerabilities/exploits/23999.html

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!