Vulnerabilities > CVE-2007-4020 - Cross-Site Scripting vulnerability in FORMfields AdMan Login.PHP
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
brain-book-software
Summary
Multiple cross-site scripting (XSS) vulnerabilities in login.php in AdMan 1.0.20051202 FF 3 patch and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user and (2) pwd parameters. Additional information can be found at: FrSIRT: http://www.frsirt.com/english/advisories/2007/2655 Secunia: http://secunia.com/advisories/26206/
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |