Lucene search

[email protected]CVE-2007-0605

HistoryMay 09, 2007 - 5:19 p.m.

CVE-2007-0605

2007-05-0917:19:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

2007

0605

cross-site scripting

xss

advanced guestbook 2.4.2

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.2%

JSON

Cross-site scripting (XSS) vulnerability in picture.php in Advanced Guestbook 2.4.2 allows remote attackers to inject arbitrary web script or HTML via the picture parameter.

CPENameOperatorVersion
advanced_guestbook:advanced_guestbookadvanced guestbookeq2.4.2

CPE	Name	Operator	Version
advanced_guestbook:advanced_guestbook	advanced guestbook	eq	2.4.2

References

secunia.com/advisories/25153

securityreason.com/securityalert/2663

www.netvigilance.com/advisory0012

www.osvdb.org/33877

www.securityfocus.com/archive/1/467937/100/0/threaded

www.securityfocus.com/bid/23873

www.vupen.com/english/advisories/2007/1726

exchange.xforce.ibmcloud.com/vulnerabilities/34156

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.01 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2007-0605

packetstorm1 prion1 securityvulns2