Lucene search

[email protected]NVD:CVE-2007-6633

HistoryJan 04, 2008 - 12:46 a.m.

CVE-2007-6633

2008-01-0400:46:00

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in FAQMasterFlexPlus, possibly 1.5 or 1.52, allow remote attackers to inject arbitrary web script or HTML via (1) the cat_name parameter to faq.php; and unspecified parameters to the (2) add categories, (3) edit categories, (4) delete categories, (5) add faq, (6) edit faq, and (7) delete faq Admin scripts.

Affected configurations

NVD

Node

netbizcityfaqmasterflexplus

References

lists.grok.org.uk/pipermail/full-disclosure/2007-December/059318.html

osvdb.org/39664

secunia.com/advisories/28248

www.securityfocus.com/archive/1/485589/100/0/threaded

www.securityfocus.com/bid/27051

exchange.xforce.ibmcloud.com/vulnerabilities/39287

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.0%

JSON

Related for NVD:CVE-2007-6633

cvelist1 prion1 cve1