Published: 31/07/2007 Updated: 15/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 445

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in IT!CMS (itcms) 0.2 allow remote malicious users to inject arbitrary web script or HTML via the wndtitle parameter to (1) lang-en.php, (2) menu-ed.php, or (3) titletext-ed.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
itcms itcms 0.2

source: wwwsecurityfocuscom/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the co ...

source: wwwsecurityfocuscom/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the cont ...

source: wwwsecurityfocuscom/bid/25129/info IT!CMS is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the contex ...

NVD-CWE-Other http://www.securityfocus.com/bid/25129 http://securityreason.com/securityalert/2953 http://osvdb.org/39026 http://osvdb.org/37255 http://osvdb.org/37254 http://osvdb.org/39025 http://osvdb.org/39024 http://osvdb.org/37256 https://exchange.xforce.ibmcloud.com/vulnerabilities/35663 http://www.securityfocus.com/archive/1/475064/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30435/

CVE-2007-4115

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect