Vulnerabilities > CVE-2007-3693 - Cross-Site Scripting vulnerability in Helma Search Script
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Cross-site scripting (XSS) vulnerability in Gobi as of 20070711, built on Helma, allows remote attackers to inject arbitrary web script or HTML via the q parameter to the search function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Helma 1.5.3 Search Script Cross-Site Scripting Vulnerability. CVE-2007-3693. Webapps exploit for php platform |
id | EDB-ID:30293 |
last seen | 2016-02-03 |
modified | 2007-07-12 |
published | 2007-07-12 |
reporter | Hanno Boeck |
source | https://www.exploit-db.com/download/30293/ |
title | Helma 1.5.3 - Search Script Cross-Site Scripting Vulnerability |
Packetstorm
data source | https://packetstormsecurity.com/files/download/57701/CVE-2007-3693-gobi.txt |
id | PACKETSTORM:57701 |
last seen | 2016-12-05 |
published | 2007-07-13 |
reporter | Hanno Boeck |
source | https://packetstormsecurity.com/files/57701/CVE-2007-3693-gobi.txt.html |
title | CVE-2007-3693-gobi.txt |