Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5293

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2007-5293
Last Modified 07 Mar 2011 10:00:26
Published 09 Oct 2007 02:17:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2007-5293

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IDMOS 1.0-beta (aka Phoenix) allow remote attackers to inject arbitrary web script or HTML via the (1) err_msg parameter to error.php and the (2) content parameter to templates/simple/ia.php.

Vulnerable Systems

Application

  • Idmos 1.0-beta


References

VUPEN - ADV-2007-3433

BID - 25950

BUGTRAQ - 20071006 idmos-phoenix cms Remote File inclusion

MILW0RM - 4495

OSVDB - 38632

OSVDB - 38631

XF - idmos-ia-xss(36999)

XF - idmos-error-xss(36997)

SREASON - 3205


Last Updated: 27 May 2016 10:46:08