Vulnerabilities > CVE-2007-2300 - Unspecified vulnerability in Surat Kabar PHPwebnews 0.1/0.2

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
surat-kabar
exploit available
NVD
Published: 2007-04-26
Updated: 2024-11-21

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Endy Kristanto Surat kabar / News Management Online (aka phpwebnews) 0.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the m_txt parameter to (1) iklan.php, (2) index.php, or (3) bukutamu.php.

Vulnerable Configurations

Part Description Count
Application
Surat_Kabar
2

Exploit-Db

  • descriptionphpwebnews 0.1 iklan.php m_txt Parameter XSS. CVE-2007-2300. Webapps exploit for php platform
    idEDB-ID:29845
    last seen2016-02-03
    modified2007-04-07
    published2007-04-07
    reporterthe_Edit0r
    sourcehttps://www.exploit-db.com/download/29845/
    titlephpwebnews 0.1 iklan.php m_txt Parameter XSS
  • descriptionphpwebnews 0.1 bukutamu.php m_txt Parameter XSS. CVE-2007-2300. Webapps exploit for php platform
    idEDB-ID:29847
    last seen2016-02-03
    modified2007-04-07
    published2007-04-07
    reporterthe_Edit0r
    sourcehttps://www.exploit-db.com/download/29847/
    titlephpwebnews 0.1 bukutamu.php m_txt Parameter XSS
  • descriptionphpwebnews 0.1 index.php m_txt Parameter XSS. CVE-2007-2300. Webapps exploit for php platform
    idEDB-ID:29846
    last seen2016-02-03
    modified2007-04-07
    published2007-04-07
    reporterthe_Edit0r
    sourcehttps://www.exploit-db.com/download/29846/
    titlephpwebnews 0.1 index.php m_txt Parameter XSS

References