Lucene search

[email protected]NVD:CVE-2007-4021

HistoryJul 26, 2007 - 7:30 p.m.

CVE-2007-4021

2007-07-2619:30:00

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

67.8%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in login.php in Brain Book Software Secure 1.0.20070629 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters.

Affected configurations

Nvd

Node

brain_book_softwaresoftware_secureRange≤1.0.20070629

VendorProductVersionCPE
brain_book_softwaresoftware_secure*cpe:2.3:a:brain_book_software:software_secure:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
brain_book_software	software_secure	*	cpe:2.3:a:brain_book_software:software_secure::::::::

References

pridels-team.blogspot.com/2007/07/secure-xss-vuln.html

www.securityfocus.com/bid/25024

www.vupen.com/english/advisories/2007/2656

exchange.xforce.ibmcloud.com/vulnerabilities/35583

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.8

Confidence

High

EPSS

0.003

Percentile

67.8%

JSON

Related for NVD:CVE-2007-4021

cve1 cvelist1 prion1