Vulnerabilities > CVE-2007-3198 - Unspecified vulnerability in Maran PHP Blog
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN maran
exploit available
Summary
Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog), possibly only versions before 20070610, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Maran PHP Blog 'comments.php' Cross-Site Scripting Vulnerability. CVE-2007-3198. Webapps exploit for php platform |
| id | EDB-ID:32090 |
| last seen | 2016-02-03 |
| modified | 2008-07-21 |
| published | 2008-07-21 |
| reporter | Dr.Crash |
| source | https://www.exploit-db.com/download/32090/ |
| title | Maran PHP Blog 'comments.php' Cross-Site Scripting Vulnerability |
References
- http://osvdb.org/35374
- http://osvdb.org/35374
- http://secunia.com/advisories/25616
- http://secunia.com/advisories/25616
- http://securityreason.com/securityalert/2797
- http://securityreason.com/securityalert/2797
- http://www.securityfocus.com/archive/1/471046/100/0/threaded
- http://www.securityfocus.com/archive/1/471046/100/0/threaded
- http://www.securityfocus.com/archive/1/494549/100/0/threaded
- http://www.securityfocus.com/archive/1/494549/100/0/threaded
- http://www.securityfocus.com/bid/24409
- http://www.securityfocus.com/bid/24409
- http://www.securityfocus.com/bid/30309
- http://www.securityfocus.com/bid/30309
- http://www.secvsn.com/content/Advisories/sr-060607-maran.html
- http://www.secvsn.com/content/Advisories/sr-060607-maran.html
- http://www.vupen.com/english/advisories/2007/2148
- http://www.vupen.com/english/advisories/2007/2148
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34812
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34812