CVE-2007-0363

Sažetak

Cross-site scripting (XSS) vulnerability in admin-search.php in (1) Openads for PostgreSQL (aka phpPgAds) before 2.0.10 and (2) Openads (aka phpAdsNew) before 2.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

Reference

http://secunia.com/advisories/23720
http://sourceforge.net/project/shownotes.php?group_id=11386&release_id=479424
http://sourceforge.net/project/shownotes.php?group_id=36679&release_id=479426
http://www.securityfocus.com/bid/22124
http://www.vupen.com/english/advisories/2007/0240
https://exchange.xforce.ibmcloud.com/vulnerabilities/31570

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-07-2017 - 01:30

Objavljeno

19-01-2007 - 01:28