Lucene search

[email protected]CVE-2007-0363

HistoryJan 19, 2007 - 1:28 a.m.

CVE-2007-0363

2007-01-1901:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0363

xss

openads

phpadsnew

security vulnerability

nvd

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

JSON

Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Affected configurations

NVD

Node

openadsopenadsMatch2.0.8_pr1

openadsopenadsMatch2.0.8_pr1postgresql

openadsopenadsMatch2.0.9_pr1

openadsopenadsMatch2.0.9_pr1postgresql

CPENameOperatorVersion
openads:openadsopenadseq2.0.8_pr1
openads:openadsopenadseq2.0.9_pr1

CPE	Name	Operator	Version
openads:openads	openads	eq	2.0.8_pr1
openads:openads	openads	eq	2.0.9_pr1

References

secunia.com/advisories/23720

sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424

sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426

www.securityfocus.com/bid/22124

www.vupen.com/english/advisories/2007/0240

exchange.xforce.ibmcloud.com/vulnerabilities/31570

5.7 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2007-0363

cvelist2 prion2 nvd2 cve1 securityvulns1