CVE-2007-2887

{"id": "CVE-2007-2887", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2007-05-30T01:30:00.000", "references": [{"url": "http://osvdb.org/36329", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/38346", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/25407", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/2742", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/469500/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/24117", "source": "cve@mitre.org"}, {"url": "http://osvdb.org/36329", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://osvdb.org/38346", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/25407", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/2742", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/469500/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/24117", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in index.php in Web Icerik Yonetim Sistemi (WIYS) 1.0 allows remote attackers to inject arbitrary web script or HTML via the No parameter in the Sayfa page."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php en Web Icerik Yonetim Sistemi (WIYS) 1.0 permite a atacantes remotos inyectar secuencias de comandos (script) web o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro No en la pagina Sayfa."}], "lastModified": "2024-11-21T00:31:54.020", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:forsnet:web_icerik_yonetim_sistemi:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BB30D88-7540-435D-B787-1AE3DA316903"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}