EDB-30931
webappsphpVERIFIED
Logaholic - 'index.php?conf' Cross-Site Scripting
CVE-2007-6560
malibu.r12/24/2007
説明
Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php.
AI分析AIによる分析
影響を受ける製品
logaholiclogaholic
0
利用可能なエクスプロイト (2)
参照
- http://osvdb.org/39792
- http://osvdb.org/39793
- http://secunia.com/advisories/28263
- http://securityreason.com/securityalert/3496
- http://www.securityfocus.com/archive/1/485480/100/0/threaded
- http://www.securityfocus.com/archive/1/490101/100/0/threaded
- http://www.securityfocus.com/bid/27003Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39223
- http://osvdb.org/39792
- http://osvdb.org/39793
- http://secunia.com/advisories/28263
- http://securityreason.com/securityalert/3496
- http://www.securityfocus.com/archive/1/485480/100/0/threaded
- http://www.securityfocus.com/archive/1/490101/100/0/threaded
- http://www.securityfocus.com/bid/27003Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39223