Lucene search

[email protected]CVE-2007-0950

HistoryFeb 15, 2007 - 2:28 a.m.

CVE-2007-0950

2007-02-1502:28:00

[email protected]

web.nvd.nist.gov

cve-2007-0950

cross-site scripting

xss

vulnerability

fullaspsite

asp hosting site

web script

html

remote attackers

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Cross-site scripting (XSS) vulnerability in listmain.asp in Fullaspsite ASP Hosting Site allows remote attackers to inject arbitrary web script or HTML via the cat parameter.

Affected configurations

NVD

Node

fullaspsiteasp_hosting_site

CPENameOperatorVersion
fullaspsite:asp_hosting_sitefullaspsite asp hosting siteeq*

CPE	Name	Operator	Version
fullaspsite:asp_hosting_site	fullaspsite asp hosting site	eq	*

References

osvdb.org/33720

securityreason.com/securityalert/2250

www.securityfocus.com/archive/1/459979/100/0/threaded

www.securityfocus.com/bid/22545

exchange.xforce.ibmcloud.com/vulnerabilities/32469

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

5.7 Medium

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

83.2%

JSON

Related for CVE-2007-0950

prion1 cvelist1 nvd1 securityvulns1