ID CVE-2007-3189
Summary Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.
References
Vulnerable Configurations
  • cpe:2.3:a:jffnms:just_for_fun_network_management_system:0.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:jffnms:just_for_fun_network_management_system:0.8.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 16-10-2018 - 16:47)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 24414
bugtraq 20070610 Serious holes affecting JFFNMS
debian DSA-1374
fulldisc 20070610 Serious holes affecting JFFNMS
secunia
  • 25587
  • 26769
Last major update 16-10-2018 - 16:47
Published 12-06-2007 - 23:30
Last modified 16-10-2018 - 16:47
Back to Top