Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2007-0840
HistoryFeb 08, 2007 - 2:28 a.m.

CVE-2007-0840

2007-02-0802:28:00
mitre
web.nvd.nist.gov
33
cve-2007-0840
cross-site scripting
xss
hlstats
web script injection
html injection

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.4

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON

Cross-site scripting (XSS) vulnerability in HLstats before 1.35 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in the search class. NOTE: it is possible that this issue overlaps CVE-2006-4543.3 or CVE-2006-4454.

Affected configurations

Nvd
Node
hlstatshlstatsMatch1.34
VendorProductVersionCPE
hlstatshlstats1.34cpe:2.3:a:hlstats:hlstats:1.34:*:*:*:*:*:*:*

Related

prion 2
cvelist 4
nvd 4
securityvulns 2
cve 3
exploitdb 2
openvas 2
freebsd 1
nessus 1
prion
prion
Cross site scripting
2007-02-08 02:28:00
Cross site scripting
2007-05-24 18:30:00
cvelist
cvelist
CVE-2007-0840
2007-02-08 02:00:00
CVE-2007-2847
2007-05-24 18:00:00
CVE-2006-4454
2006-08-30 15:00:00
nvd
nvd
CVE-2007-0840
2007-02-08 02:28:00
CVE-2007-2847
2007-05-24 18:30:00
CVE-2006-4454
2006-08-30 16:04:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2006-12-25 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2006-08-31 00:00:00
cve
cve
CVE-2007-2847
2007-05-24 18:30:00
CVE-2006-4454
2006-08-30 16:04:00
CVE-2006-4543
2006-09-06 00:04:00
exploitdb
exploitdb
HLstats 1.34 - 'hlstats.php' Cross-Site Scripting
2006-08-29 00:00:00
HLstats 1.34 - 'index.php' Multiple Cross-Site Scripting Vulnerabilities
2006-08-30 00:00:00
openvas
openvas
FreeBSD Ports: hlstats
2008-09-04 00:00:00
FreeBSD Ports: hlstats
2008-09-04 00:00:00
freebsd
freebsd
hlstats -- multiple cross site scripting vulnerabilities
2006-08-29 00:00:00
nessus
nessus
FreeBSD : hlstats -- multiple XSS vulnerabilities (09639ccc-3abb-11db-81e1-000e0c2e438a)
2011-09-06 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.4

Confidence

High

EPSS

0.009

Percentile

82.7%

JSON
Related for CVE-2007-0840
prion2cvelist4nvd4securityvulns2cve3exploitdb2openvas2freebsd1nessus1