Published: 05/09/2007 Updated: 15/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Toms Gaestebuch 1.00 allow remote malicious users to inject arbitrary web script or HTML via the (1) homepage, (2) mail, and (3) name parameters in a show action to (a) form.php; the (4) language and (5) anzeigebreite parameters to (b) admin/header.php; and the (6) msg parameter to (c) install.php, different vectors than CVE-2006-0706.

Vulnerable Product	Search on Vulmon	Subscribe to Product
www.toms-seiten.at toms gaestebuch 1.00

source: wwwsecurityfocuscom/bid/25507/info Toms GÃ¤stebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may all ...

source: wwwsecurityfocuscom/bid/25507/info Toms GÃ¤stebuch is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site This may allow ...

CWE-79 http://www.securityfocus.com/bid/25507 http://secunia.com/advisories/26662 http://www.osvdb.org/36735 http://www.osvdb.org/36736 http://securityreason.com/securityalert/3097 https://exchange.xforce.ibmcloud.com/vulnerabilities/36404 http://www.securityfocus.com/archive/1/478803/100/0/threaded http://www.securityfocus.com/archive/1/478360/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/30554/

CVE-2007-4711

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect