2 matches found
CVE-2007-5948
Multiple cross-site scripting XSS vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the 1 nick aka Name and 2 shout aka Shout parameters...
CVE-2007-5948
SF-Shoutbox 1.2.1 through 1.4 contains multiple XSS vulnerabilities in main.php that allow remote attackers to inject arbitrary script or HTML via the nick (Name) and shout (Shout) parameters. Affected component: SF-Shoutbox main.php; vulnerable versions: 1.2.1–1.4. The root cause is improper san...