Published: 17/07/2007 Updated: 15/10/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Webcit prior to 7.11 allow remote malicious users to inject arbitrary web script or HTML via (1) the who parameter to showuser; and other vectors involving (2) calendar mode, (3) bulletin board mode, (4) room names, and (5) uploaded file names.

Vulnerable Product	Search on Vulmon	Subscribe to Product
citadel webcit

source: wwwsecurityfocuscom/bid/24913/info Citadel WebCit is prone to multiple input-validation vulnerabilities, including multiple HTML-injection issues and a cross-site scripting issue, because it fails to sufficiently sanitize user-supplied input data Exploiting these issues may allow an attacker to execute HTML and script code in th ...

NVD-CWE-Other http://www.securityfocus.com/bid/24913 http://secunia.com/advisories/26090 http://securityreason.com/securityalert/2890 http://osvdb.org/38177 http://osvdb.org/38179 http://osvdb.org/38176 http://osvdb.org/38178 http://osvdb.org/38180 https://exchange.xforce.ibmcloud.com/vulnerabilities/35433 http://www.securityfocus.com/archive/1/473714/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30312/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3822

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect