Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6001

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2007-6001
Last Modified 05 Sep 2008 05:32:08
Published 15 Nov 2007 05:46:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-6001

Summary

Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid parameter in a (3) log or (4) user action, a different vulnerability than CVE-2007-3910.

Vulnerable Systems

Application

  • Bandersnatch 0.4


References

XF - bandersnatch-index-xss(38360)

BID - 26553

MISC - http://www.portcullis-security.com/180.php


Last Updated: 27 May 2016 10:46:21