2 matches found
CVE-2007-3267
Cross-site scripting XSS vulnerability in low.php in Fuzzylime Forum 1.01b and earlier allows remote attackers to inject arbitrary web script or HTML via the fromaction parameter in a log action, a different vector than CVE-2007-3235...
CVE-2007-3267
CVE-2007-3267 is a documented XSS in Fuzzylime Forum 1.01b and earlier, exploitable via the fromaction parameter in a log action (distinct vector from CVE-2007-3235). Affected component: low.php; vulnerability arises from improper handling of user-supplied data, permitting remote injection of arb...