Published: 06/07/2007 Updated: 15/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote malicious users to inject arbitrary web script or HTML via the PARAMS parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap internet graphics server 7.00_patch_1
sap internet graphics server 7.00_patch_2
sap internet graphics server 6.40_patch_13
sap internet graphics server 6.40_patch_14
sap internet graphics server 6.40_patch_15
sap internet graphics server 6.40
sap internet graphics server 7.00_patch_3
sap internet graphics server 6.40_patch_11
sap internet graphics server 6.40_patch_12

source: wwwsecurityfocuscom/bid/24775/info SAP Internet Graphics Server is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input An attacker may perform cross-site scripting attacks on unsuspecting users in the context of the affected website As a result, the attacker may b ...

NVD-CWE-Other http://www.securityfocus.com/bid/24775 http://secunia.com/advisories/25950 http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-sap-internet-graphics-server/http://www.securitytracker.com/id?1018339 http://securityreason.com/securityalert/2865 http://osvdb.org/36480 http://www.vupen.com/english/advisories/2007/2452 https://exchange.xforce.ibmcloud.com/vulnerabilities/35280 http://www.securityfocus.com/archive/1/472889/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30279/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3613

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect