Vulnerabilities > CVE-2007-3235 - Cross-Site Scripting vulnerability in Fuzzylime Forum Fuzzylime Forum 1.0

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
fuzzylime-forum
exploit available
NVD
Published: 2007-06-15
Updated: 2017-10-11

Summary

Cross-site scripting (XSS) vulnerability in low.php in Fuzzylime Forum 1.0 allows remote attackers to inject arbitrary web script or HTML via the topic parameter. NOTE: this might be resultant from SQL injection.

Vulnerable Configurations

Part Description Count
Application
Fuzzylime_Forum
1

Exploit-Db

descriptionFuzzylime Forum 1.0 (low.php topic) Remote SQL Injection Exploit. CVE-2007-3234,CVE-2007-3235. Webapps exploit for php platform
fileexploits/php/webapps/4062.pl
idEDB-ID:4062
last seen2016-01-31
modified2007-06-12
platformphp
port
published2007-06-12
reporterSilentz
sourcehttps://www.exploit-db.com/download/4062/
titleFuzzylime Forum 1.0 low.php topic Remote SQL Injection Exploit
typewebapps

References