6.8
CVE-2007-1305
- EPSS 1.35%
- Veröffentlicht 07.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:19
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginMultiple cross-site scripting (XSS) vulnerabilities in add2.php in Sava's Guestbook 23.11.2006 allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) country, (3) email, and (4) website parameters.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Savas Place ≫ Savas Guestbook Version2006-11-23
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.35% | 0.679 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
http://belsec.com/advisories/142/summary.html
http://secunia.com/advisories/24411
http://securityreason.com/securityalert/2350
http://www.securityfocus.com/archive/1/461910/100/0/threaded
http://www.securityfocus.com/bid/22820
https://exchange.xforce.ibmcloud.com/vulnerabilities/32812