Vulnerabilities > CVE-2007-1551 - Cross-Site Scripting vulnerability in PHPx 3.5.15
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
phpx
Summary
Multiple cross-site scripting (XSS) vulnerabilities in phpx 3.5.15 allow remote attackers to inject arbitrary web script or HTML via (1) the signature in "dans profile," or (2) search.php.
References
- http://osvdb.org/34412
- http://osvdb.org/34413
- http://secunia.com/advisories/24565
- http://securityreason.com/securityalert/2457
- http://www.securityfocus.com/archive/1/463192/100/0/threaded
- http://www.securityfocus.com/bid/23033
- http://www.vupen.com/english/advisories/2007/1087
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33153
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33154