2 matches found
Authentication flaw
report.cgi in Google Urchin allows remote attackers to bypass authentication and obtain sensitive information web server logs via certain modified query parameters, as demonstrated using the profile, rid, prefs, n, vid, bd, ed, dt, and gtype parameters, a different vulnerability than CVE-2007-511...
CVE-2007-5112
CVE-2007-5112 is an XSS vulnerability in Google Urchin 5 (versions up to 5.7.03 and earlier) affecting the session.cgi (login page). The weakness allows remote attackers to inject arbitrary script/HTML via the query string, as described in the NVD entry. The impact noted includes potential creden...