Lucene search

[email protected]CVE-2007-3281

HistoryJun 19, 2007 - 9:30 p.m.

CVE-2007-3281

2007-06-1921:30:00

[email protected]

web.nvd.nist.gov

cve-2007-3281

xss

vulnerability

php hosting biller 1.0

web script

html

remote attackers

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Cross-site scripting (XSS) vulnerability in index.php in Php Hosting Biller 1.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Affected configurations

NVD

Node

php_hosting_billerphp_hosting_billerMatch1.0

CPENameOperatorVersion
php_hosting_biller:php_hosting_billerphp hosting billereq1.0

CPE	Name	Operator	Version
php_hosting_biller:php_hosting_biller	php hosting biller	eq	1.0

References

osvdb.org/36374

secunia.com/advisories/25681

securityreason.com/securityalert/2811

www.securityfocus.com/archive/1/471642/100/0/threaded

www.securityfocus.com/bid/24517

www.vupen.com/english/advisories/2007/2248

exchange.xforce.ibmcloud.com/vulnerabilities/34941

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

High

0.011 Low

EPSS

Percentile

84.2%

JSON

Related for CVE-2007-3281

nvd1 cvelist1 prion1