Vulnerabilities > CVE-2007-0119 - Cross-Site Scripting vulnerability in Edittag 1.2
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description EditTag 1.2 mkpw.pl plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform id EDB-ID:29395 last seen 2016-02-03 modified 2007-01-05 published 2007-01-05 reporter NetJackal source https://www.exploit-db.com/download/29395/ title EditTag 1.2 mkpw.pl plain Parameter XSS description EditTag 1.2 mkpw.cgi plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform id EDB-ID:29396 last seen 2016-02-03 modified 2007-01-05 published 2007-01-05 reporter NetJackal source https://www.exploit-db.com/download/29396/ title EditTag 1.2 mkpw.cgi plain Parameter XSS description EditTag 1.2 mkpw_mp.cgi plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform id EDB-ID:29394 last seen 2016-02-03 modified 2007-01-05 published 2007-01-05 reporter NetJackal source https://www.exploit-db.com/download/29394/ title EditTag 1.2 mkpw_mp.cgi plain Parameter XSS