CVE-2007-6659

🗓️ 04 Jan 2008 11:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 42 Views🌐 WEB

CVE-2007-6659: Multiple XSS vulnerabilities in 2z project 0.9.6.

Reporter	Title	Published	Views	Family All 5
ATTACKERKB	CVE-2007-6659	4 Jan 200811:46	–	attackerkb
Cvelist	CVE-2007-6659	4 Jan 200811:00	–	cvelist
EUVD	EUVD-2007-6624	7 Oct 202500:30	–	euvd
NVD	CVE-2007-6659	4 Jan 200811:46	–	nvd
Prion	Cross site scripting	4 Jan 200811:46	–	prion

NVD

Node

2z_project 2z_projectMatch0.9.6.1

Source	Link
2z-project	www.2z-project.ru/forum/viewtopic.php
secunia	www.secunia.com/advisories/28244
securityfocus	www.securityfocus.com/archive/1/485590/100/0/threaded
securityreason	www.securityreason.com/securityalert/3514
securityfocus	www.securityfocus.com/bid/27057

Parameter	Position	Path	Description	CWE
contentshort	query param	addnews	XSS via contentshort/contentfull in addnews action to the default URI	CWE-79
contentfull	query param	addnews	XSS via contentshort/contentfull in addnews action to the default URI	CWE-79
content	request body	2z/admin.php	XSS via content parameter in pm write action to 2z/admin.php	CWE-79
referer	header	index.php	XSS via referer parameter to templates/default/usermenu.tpl accessed through index.php	CWE-79
newavatar	query param	2z/profile.php	XSS via newavatar parameter in profile action to the default URI under 2z/	CWE-79
newphoto	query param	2z/profile.php	XSS via newphoto parameter in profile action to the default URI under 2z/	CWE-79

16 Jun 2026 22:48Current

5.8Medium risk

Vulners AI Score5.8

CVSS 24.3

EPSS0.01107

cve 2z project xss vulnerability web script html remote attack