{"type": "jvn", "published": "2007-01-22T00:00:00", "href": "http://jvn.jp/en/jp/JVN07274813/index.html", "bulletinFamily": "info", "cvelist": [], "cvss": {"vector": "NONE", "score": 0.0}, "enchantments": {"score": {"value": 3.2, "vector": "NONE", "modified": "2017-03-23T17:09:39", "rev": 2}, "dependencies": {"references": [], "modified": "2017-03-23T17:09:39", "rev": 2}, "vulnersScore": 3.2}, "lastseen": "2017-03-23T17:09:39", "viewCount": 0, "id": "JVN:07274813", "references": [], "edition": 1, "reporter": "Japan Vulnerability Notes", "modified": "2008-05-21T00:00:00", "title": "JVN#07274813 phpAdsNew cross-site scripting vulnerability", "description": "\n ## Description\n\nThe products listed below use the same module as phpAdsNew thus they are also affected by the vulnerability. \n \nAll users of these products are encouraged to update to the latest versions provided by the developer. \n\n\n * phpPgAds 2.0.9-pr1 and earlier\n * Max Media Manager v0.1.29-rc and earlier\n * Max Media Manager v0.3.30-alpha and earlier\n \nThe updated versions of each product are listed below: \n\n\n * The updated version of phpAdsNew 2.0.9-pr1 is Openads 2.0.10.\n * The updated version of phpPgAds 2.0.9-pr1 is Openads for PostgreSQL 2.0.10.\n * The updated version of Max Media Manager v0.1.29-rc and v0.3.30-alpha is Openads 2.3.31.\n\n ## Impact\n\nAn arbitrary script may be executed on the the user's web browser if the user logged into phpAdsNew as the administrator. This may allow cookie information to be leaked or displayed contents to be falsified. \n\n ## Solution\n\n ## Products Affected\n\n * phpAdsNew 2.0.9-pr1 and earlier\n"}

{}