CVE-2007-1328

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-1328
Cross-site scripting (XSS) vulnerability in formulaire.php in Bernard JOLY BJ Webring allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter related to the add link menu.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://forums.avenir-geopolitique.net/viewtopic.php?t=2707 Exploit
http://securityreason.com/securityalert/2384
http://www.securityfocus.com/archive/1/461802/100/0/threaded
http://forums.avenir-geopolitique.net/viewtopic.php?t=2707 Exploit
http://securityreason.com/securityalert/2384
http://www.securityfocus.com/archive/1/461802/100/0/threaded
Configurations

Configuration 1 (hide)

cpe:2.3:a:bernard_joly:bj_webring:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:28

Type Values Removed Values Added
References () http://forums.avenir-geopolitique.net/viewtopic.php?t=2707 - Exploit () http://forums.avenir-geopolitique.net/viewtopic.php?t=2707 - Exploit
References () http://securityreason.com/securityalert/2384 - () http://securityreason.com/securityalert/2384 -
References () http://www.securityfocus.com/archive/1/461802/100/0/threaded - () http://www.securityfocus.com/archive/1/461802/100/0/threaded -
Information

Published : 2007-03-07 21:19

Updated : 2025-04-09 00:30

NVD link : CVE-2007-1328

Mitre link : CVE-2007-1328

CVE.ORG link : CVE-2007-1328

JSON object : View

Products Affected

bernard_joly

  • bj_webring
CWE
NVD-CWE-Other