Vulnerabilities > CVE-2007-3590 - Cross-Site Scripting vulnerability in B1G B1Gbb 2.24

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

b1g

exploit available

NVD

Published: 2007-07-05

Updated: 2017-09-29

Summary

Cross-site scripting (XSS) vulnerability in visitenkarte.php in b1gBB 2.24.0 allows remote attackers to inject arbitrary web script or HTML via the user parameter.

Vulnerable Configurations

Part	Description	Count
Application	B1G B1G B1Gbb 2.24	1

Exploit-Db

description	b1gbb 2.24.0 (SQL Injection / XSS) Remote Vulnerabilities. CVE-2007-3589,CVE-2007-3590. Webapps exploit for php platform
file	exploits/php/webapps/4122.txt
id	EDB-ID:4122
last seen	2016-01-31
modified	2007-06-28
platform	php
port
published	2007-06-28
reporter	GoLd_M
source	https://www.exploit-db.com/download/4122/
title	b1gbb 2.24.0 SQL Injection / XSS Remote Vulnerabilities
type	webapps

Summary

Vulnerable Configurations

Exploit-Db

References