Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4165

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-4165
Last Modified 05 Sep 2008 05:27:34
Published 07 Aug 2007 06:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-4165

Summary

Cross-site scripting (XSS) vulnerability in index.php in the Blue Memories theme 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757 and CVE-2007-4014. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vulnerable Systems

Application

  • Wordpress

  • Xu Yiyang Blue Memories Theme 1.5


References

SECUNIA - 26345

CONFIRM - http://xuyiyang.com/2007/06/22/blue-memories-and-spring-updated/

XF - bluememories-index-xss(35817)

BID - 25215

OSVDB - 36603


Last Updated: 27 May 2016 10:45:46