Vulnerabilities > CVE-2007-3134 - Unspecified vulnerability in Atom Photoblog
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN atom
exploit available
Summary
Multiple cross-site scripting (XSS) vulnerabilities in atomPhotoBlog.php in Atom PhotoBlog 1.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Your Name, (2) Your Homepage, and (3) Your Comment fields, when using "Approve Comments."
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Atom PhotoBlog 1.0.1/1.0.9AtomPhotoBlog.PHP Multiple Input Validation Vulnerabilities. CVE-2007-3134 . Webapps exploit for php platform |
| id | EDB-ID:30161 |
| last seen | 2016-02-03 |
| modified | 2007-06-07 |
| published | 2007-06-07 |
| reporter | Serapis.net |
| source | https://www.exploit-db.com/download/30161/ |
| title | Atom PhotoBlog 1.0.1/1.0.9AtomPhotoBlog.PHP Multiple Input Validation Vulnerabilities |
References
- http://osvdb.org/37046
- http://osvdb.org/37046
- http://secunia.com/advisories/25562
- http://secunia.com/advisories/25562
- http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101
- http://sourceforge.net/project/shownotes.php?group_id=186464&release_id=514101
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34767
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34767