Vulnerabilities > CVE-2007-2991 - Cross-Site Scripting vulnerability in Evenzia Content Management Systems (CMS)

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
evenzia
exploit available

Summary

Cross-site scripting (XSS) vulnerability in includes/send.inc.php in Evenzia CMS allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Vulnerable Configurations

Part Description Count
Application
Evenzia
1

Exploit-Db

descriptionEvenzia Content Management Systems (CMS) cross-site script vulnerability. CVE-2007-2991 . Webapps exploit for php platform
idEDB-ID:30132
last seen2016-02-03
modified2007-06-01
published2007-06-01
reporterGlafkos Charalambous
sourcehttps://www.exploit-db.com/download/30132/
titleEvenzia Content Management Systems CMS Cross-Site script Vulnerability