Vulnerabilities > CVE-2007-0119 - Cross-Site Scripting vulnerability in Edittag 1.2

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
edittag
exploit available
NVD
Published: 2007-01-09
Updated: 2018-10-16

Summary

Multiple cross-site scripting (XSS) vulnerabilities in EditTag 1.2 allow remote attackers to inject arbitrary web script or HTML via the plain parameter to (1) mkpw_mp.cgi, (2) mkpw.pl, or (3) mkpw.cgi.

Vulnerable Configurations

Part Description Count
Application
Edittag
1

Exploit-Db

  • descriptionEditTag 1.2 mkpw.pl plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform
    idEDB-ID:29395
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29395/
    titleEditTag 1.2 mkpw.pl plain Parameter XSS
  • descriptionEditTag 1.2 mkpw.cgi plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform
    idEDB-ID:29396
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29396/
    titleEditTag 1.2 mkpw.cgi plain Parameter XSS
  • descriptionEditTag 1.2 mkpw_mp.cgi plain Parameter XSS. CVE-2007-0119. Webapps exploit for cgi platform
    idEDB-ID:29394
    last seen2016-02-03
    modified2007-01-05
    published2007-01-05
    reporterNetJackal
    sourcehttps://www.exploit-db.com/download/29394/
    titleEditTag 1.2 mkpw_mp.cgi plain Parameter XSS

References