Lucene search

[email protected]CVE-2007-4115

HistoryJul 31, 2007 - 10:17 a.m.

CVE-2007-4115

2007-07-3110:17:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-4115

xss

it!cms

web security

vulnerability

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.4%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote attackers to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.

CPENameOperatorVersion
itcms:itcmsitcmseq0.2

CPE	Name	Operator	Version
itcms:itcms	itcms	eq	0.2

References

osvdb.org/37254

osvdb.org/37255

osvdb.org/37256

osvdb.org/39024

osvdb.org/39025

osvdb.org/39026

securityreason.com/securityalert/2953

www.securityfocus.com/archive/1/475064/100/0/threaded

www.securityfocus.com/bid/25129

exchange.xforce.ibmcloud.com/vulnerabilities/35663

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for CVE-2007-4115

prion1