EDB-4693
webappsphpVERIFIED
SineCMS 2.3.4 - Calendar SQL Injection
CVE-2007-6367CVE-2007-6366
KiNgOfThEwOrLd12/5/2007
CVE-2007-6367
NONEMultiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username (user) or (2) comme
Publicado: 12/15/2007Actualizado: 4/9/2025
Descripción
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username (user) or (2) comment (commento) field, different vectors than CVE-2007-2357.
Análisis IAImpulsado por IA
Productos Afectados
sinecmssinecms
Exploits Disponibles (1)
Referencias
- http://secunia.com/advisories/27949Vendor Advisory
- http://securityreason.com/securityalert/3444
- http://www.securityfocus.com/archive/1/484648/100/0/threaded
- http://www.securityfocus.com/archive/1/485267/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38893
- https://www.exploit-db.com/exploits/4693
- http://secunia.com/advisories/27949Vendor Advisory
- http://securityreason.com/securityalert/3444
- http://www.securityfocus.com/archive/1/484648/100/0/threaded
- http://www.securityfocus.com/archive/1/485267/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38893
- https://www.exploit-db.com/exploits/4693