Jetbox CMS 2.1 title cross site scripting

voceeditHistoryDiffjsonxmlCTI

Una vulnerabilità di livello critico è stata rilevata in Jetbox CMS 2.1 (Content Management System). Da questa vulnerabilità è interessato una funzione sconosciuta. Informazioni riguardo una possibile contromisura non sono al momento disponibili. Si suggerisce di sostituire il prodotto con uno equivalente.

Campo13/03/2015 14:5617/10/2017 11:59
typeContent Management SystemContent Management System
nameJetbox CMSJetbox CMS
version2.12.1
argumenttitletitle
risk11
cvss2_vuldb_basescore6.86.8
cvss2_vuldb_tempscore6.16.1
cvss2_vuldb_avNN
cvss2_vuldb_acMM
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_nvd_avNN
cvss2_nvd_acMM
cvss2_nvd_auNN
cvss2_nvd_ciPP
cvss2_nvd_iiPP
cvss2_nvd_aiPP
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.06.0
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
date1179205930 (15/05/2007)1179205930 (15/05/2007)
urlhttp://www.vupen.com/english/advisories/2007/1831http://www.vupen.com/english/advisories/2007/1831
person_nameMichael JordonMichael Jordon
company_nameMikhail MarkinMikhail Markin
availability11
publicity11
price_0day$0-$5k$0-$5k
cveCVE-2007-2732CVE-2007-2732
cve_assigned11792736001179273600
cve_nvd_published11792736001179273600
cve_nvd_summaryMultiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname, (3) country, (4) email, (5) firstname, (6) middlename, (7) required, (8) surname, or (9) title parameter to view/supplynews/.
osvdb3745137451
osvdb_create11821435361182143536
osvdb_titleJetbox CMS view/search/ path Parameter XSSJetbox CMS view/search/ path Parameter XSS
securityfocus2399923999
securityfocus_date1179187200 (15/05/2007)1179187200 (15/05/2007)
securityfocus_classInput Validation ErrorInput Validation Error
securityfocus_titleJetbox CMS Multiple Cross Site Scripting VulnerabilitiesJetbox CMS Multiple Cross Site Scripting Vulnerabilities
vupenADV-2007-1831ADV-2007-1831
seealso8585985859
cwe80 (cross site scripting)80 (cross site scripting)
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_uiRR
locationWebsiteWebsite
cvss2_vuldb_ePOCPOC
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_ePP
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_vuldb_prNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
urlhttp://www.securityfocus.com/data/vulnerabilities/exploits/23999.html

Want to stay up to date on a daily basis?

Enable the mail alert feature now!