Published: 07/12/2007 Updated: 08/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 440

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xigla absolute news manager.net 5.1

source: wwwsecurityfocuscom/bid/26692/info Absolute News Manager NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary script code in the conte ...

source: wwwsecurityfocuscom/bid/26692/info Absolute News Manager NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues Attackers can exploit these issues to steal cookie-based authentication credentials, execute arbitrary script code in the context ...

CWE-79 http://marc.info/?l=bugtraq&m=119678724111351&w=2 http://www.procheckup.com/Vulnerability_PR07-39.php http://www.xigla.com/news/default.aspx http://www.securityfocus.com/bid/26692 http://secunia.com/advisories/27923 http://osvdb.org/40577 http://osvdb.org/40578 https://exchange.xforce.ibmcloud.com/vulnerabilities/38873 https://exchange.xforce.ibmcloud.com/vulnerabilities/38872 https://nvd.nist.gov https://www.exploit-db.com/exploits/30844/

CVE-2007-6270

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect