ID CVE-2007-4297
Summary Multiple cross-site scripting (XSS) vulnerabilities in yorumkaydet.asp in Dersimiz Haber Ekleme Modulu allow remote attackers to inject arbitrary web script or HTML via the (1) yazan, (2) mail, and (3) yorum parameters. NOTE: some of these details are obtained from third party information. See http://www.securityfocus.com/bid/25250 for additional information (vendor website)
References
Vulnerable Configurations
  • cpe:2.3:a:aspindir:dersimiz_haber_ekleme_modulu:*:*:*:*:*:*:*:*
    cpe:2.3:a:aspindir:dersimiz_haber_ekleme_modulu:*:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 29-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
bid 25250
misc http://www.packetstormsecurity.org/0708-exploits/dersimiz-xss.txt
osvdb 37537
secunia 26380
vupen ADV-2007-2831
xf dersimiz-yorumkaydet-xss(35911)
Last major update 29-07-2017 - 01:32
Published 10-08-2007 - 20:17
Last modified 29-07-2017 - 01:32
Back to Top