4 matches found
CVE-2007-1873
Mephisto 0.7.3 is affected by a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary script or HTML via the q parameter in the search script. The impact is described as actionable by injecting code, with no vendor fix available according to the security adviso...
Cross site scripting in mephisto 0.7.3
Cross site scripting in mephisto 0.7.3 security advisory References: http://www.mephistoblog.com https://vulners.com/cve/CVE-2007-1873 Description: Cross site scripting describes attacks that allow to insert malicious html or javascript code via get or post forms. This can be used to steal sessio...
CVE-2007-1873.txt
Cross site scripting in mephisto 0.7.3 security advisory References: http://www.mephistoblog.com http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1873 Description: Cross site scripting describes attacks that allow to insert malicious html or javascript code via get or post forms. This can b...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-1873. Reason: This candidate is a duplicate of CVE-2007-1873. Notes: All CVE users should reference CVE-2007-1873 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...