Lucene search

[email protected]CVE-2007-2090

HistoryApr 18, 2007 - 10:19 a.m.

CVE-2007-2090

2007-04-1810:19:00

[email protected]

web.nvd.nist.gov

cve-2007-2090

xss

tumusika evolution 1.6

index.php

web script

html

vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Cross-site scripting (XSS) vulnerability in index.php in TuMusika Evolution 1.6 allows remote attackers to inject arbitrary web script or HTML via the msg parameter.

Affected configurations

NVD

Node

tumusika_evolutiontumusika_evolutionMatch1.6

CPENameOperatorVersion
tumusika_evolution:tumusika_evolutiontumusika evolutioneq1.6

CPE	Name	Operator	Version
tumusika_evolution:tumusika_evolution	tumusika evolution	eq	1.6

References

secunia.com/advisories/24874

securityreason.com/securityalert/2585

www.securityfocus.com/archive/1/465515/100/0/threaded

www.vupen.com/english/advisories/2007/1374

exchange.xforce.ibmcloud.com/vulnerabilities/33593

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.7 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2007-2090

prion1 nvd1 cvelist1