CVE-2007-0583 in HTTP Commanderinfo

Summary

Multiple cross-site scripting (XSS) vulnerabilities in HTTP Commander 6.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) LogoffMessage parameter to logofflast.aspx or the (2) txtUsername parameter to Default.aspx. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

01/30/2007

Disclosure

01/30/2007

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
85134	HTTP Commander Default.aspx cross site scripting	80	Not defined	Not defined	CVE-2007-0583
34711	HTTP Commander logofflast.aspx cross site scripting	80	Not defined	Not defined	CVE-2007-0583

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!