EDB-4693
webappsphpVERIFIED
SineCMS 2.3.4 - Calendar SQL Injection
CVE-2007-6367CVE-2007-6366
KiNgOfThEwOrLd12/5/2007
CVE-2007-6367
NONEMultiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username (user) or (2) comme
Publicado: 12/15/2007Atualizado: 4/9/2025
Descrição
Multiple cross-site scripting (XSS) vulnerabilities in the guestbook in SineCMS 2.3.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username (user) or (2) comment (commento) field, different vectors than CVE-2007-2357.
Análise IADesenvolvido por IA
Produtos Afetados
sinecmssinecms
Exploits Disponíveis (1)
Referências
- http://secunia.com/advisories/27949Vendor Advisory
- http://securityreason.com/securityalert/3444
- http://www.securityfocus.com/archive/1/484648/100/0/threaded
- http://www.securityfocus.com/archive/1/485267/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38893
- https://www.exploit-db.com/exploits/4693
- http://secunia.com/advisories/27949Vendor Advisory
- http://securityreason.com/securityalert/3444
- http://www.securityfocus.com/archive/1/484648/100/0/threaded
- http://www.securityfocus.com/archive/1/485267/100/200/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38893
- https://www.exploit-db.com/exploits/4693