Jetbox CMS 2.1 title cross site scriting

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Jetbox CMS 2.1 (Content Management System). Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/13/2015 02:56 PM10/17/2017 11:59 AM
typeContent Management SystemContent Management System
nameJetbox CMSJetbox CMS
version2.12.1
argumenttitletitle
risk11
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore6.16.1
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiPP
cvss2_nvd_aiPP
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.06.0
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
date1179205930 (05/15/2007)1179205930 (05/15/2007)
urlhttp://www.vupen.com/english/advisories/2007/1831http://www.vupen.com/english/advisories/2007/1831
person_nameMichael JordonMichael Jordon
company_nameMikhail MarkinMikhail Markin
availability11
publicity11
price_0day$0-$5k$0-$5k
cveCVE-2007-2732CVE-2007-2732
cve_assigned11792736001179273600
cve_nvd_published11792736001179273600
cve_nvd_summaryMultiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.
osvdb3745137451
osvdb_create11821435361182143536
osvdb_titleJetbox CMS view/search/ path Parameter XSSJetbox CMS view/search/ path Parameter XSS
securityfocus2399923999
securityfocus_date1179187200 (05/15/2007)1179187200 (05/15/2007)
securityfocus_classInput Validation ErrorInput Validation Error
securityfocus_titleJetbox CMS Multiple Cross Site Scripting VulnerabilitiesJetbox CMS Multiple Cross Site Scripting Vulnerabilities
vupenADV-2007-1831ADV-2007-1831
seealso8585985859
cwe80 (cross site scripting)80 (cross site scripting)
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_ePP
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
urlhttp://www.securityfocus.com/data/vulnerabilities/exploits/23999.html

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!