Vulnerabilities > CVE-2007-0054 - Cross-Site Scripting vulnerability in VCard Pro

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

belchior-foundry

exploit available

NVD

Published: 2007-01-04

Updated: 2018-10-16

Summary

Cross-site scripting (XSS) vulnerability in gbrowse.php in Belchior Foundry vCard PRO allows remote attackers to inject arbitrary web script or HTML via the sortby parameter.

Vulnerable Configurations

Part	Description	Count
Application	Belchior_Foundry Belchior Foundry Vcard PRO *	1

Exploit-Db

description	VCard Pro GBrowse.PHP Cross-Site Scripting Vulnerability. CVE-2007-0054 . Webapps exploit for php platform
id	EDB-ID:29376
last seen	2016-02-03
modified	2007-01-02
published	2007-01-02
reporter	exexp
source	https://www.exploit-db.com/download/29376/
title	VCard Pro GBrowse.PHP Cross-Site Scripting Vulnerability

References

http://osvdb.org/33359
http://www.securityfocus.com/archive/1/455615/100/0/threaded
http://www.securityfocus.com/bid/21844
https://exchange.xforce.ibmcloud.com/vulnerabilities/31182