Vulnerabilities > CVE-2007-2757 - Cross-Site Scripting vulnerability in Dean J Robinson Redoable 1.2

047910
CVSS 6.8 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
dean-j-robinson
exploit available

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Redoable 1.2 allow remote attackers to inject arbitrary web script or HTML via the s parameter to (1) wp-content/themes/redoable/searchloop.php or (2) wp-content/themes/redoable/header.php.

Vulnerable Configurations

Part Description Count
Application
Dean_J_Robinson
1

Exploit-Db

descriptionRedoable 1.2 Theme header.php s Parameter XSS. CVE-2007-2757. Webapps exploit for php platform
idEDB-ID:30050
last seen2016-02-03
modified2007-05-17
published2007-05-17
reporterJohn Martinelli
sourcehttps://www.exploit-db.com/download/30050/
titleRedoable 1.2 Theme header.php s Parameter XSS