Vulnerabilities > CVE-2007-4079 - Cross-Site Scripting vulnerability in AlstraSoft SMS Text Messaging Enterprise

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
alstrasoft
exploit available
NVD
Published: 2007-07-30
Updated: 2008-11-15

Summary

Multiple cross-site scripting (XSS) vulnerabilities in AlstraSoft SMS Text Messaging Enterprise allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) q parameter to (a) admin/membersearch.php, or (3) the userid parameter to (b) admin/edituser.php.

Vulnerable Configurations

Part Description Count
Application
Alstrasoft
1

Exploit-Db

  • descriptionAlstraSoft SMS Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS. CVE-2007-4079 . Webapps exploit for php platform
    idEDB-ID:30367
    last seen2016-02-03
    modified2007-07-23
    published2007-07-23
    reporterLostmon
    sourcehttps://www.exploit-db.com/download/30367/
    titleAlstraSoft Sms Text Messaging Enterprise 2.0 admin/membersearch.php Multiple Parameter XSS
  • descriptionAlstraSoft SMS Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS. CVE-2007-4079 . Webapps exploit for php platform
    idEDB-ID:30368
    last seen2016-02-03
    modified2007-07-23
    published2007-07-23
    reporterLostmon
    sourcehttps://www.exploit-db.com/download/30368/
    titleAlstraSoft Sms Text Messaging Enterprise 2.0 admin/edituser.php userid Parameter XSS

References