Vulnerabilities > CVE-2007-2716 - Cross-Site Scripting vulnerability in EQDKP Show Variable

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
eqdkp
exploit available

Summary

Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information.

Exploit-Db

descriptionEQDKP 1.3.1 Show Variable Cross-Site Scripting Vulnerability. CVE-2007-2716. Webapps exploit for php platform
idEDB-ID:30028
last seen2016-02-03
modified2007-05-12
published2007-05-12
reporterkefka
sourcehttps://www.exploit-db.com/download/30028/
titleEQDKP <= 1.3.1 Show Variable Cross-Site Scripting Vulnerability