Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbTim BrownEDB-ID:30172
HistoryJun 11, 2007 - 12:00 a.m.

JFFNms 0.8.3 - 'auth.php?user' Cross-Site Scripting

2007-06-1100:00:00
Tim Brown
www.exploit-db.com
15

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/24414/info
 
Just For Fun Network Management and Monitoring System (JFFNMS) is prone to multiple remote vulnerabilities, including a cross-site scripting issue, an SQL-injection issue, and multiple information-disclosure issues.
 
An attacker can exploit these issues by manipulating the SQL query logic to carry out unauthorized actions on the underlying database, access sensitive information, and obtain cookie-based authentication credentials.
 
These issues affect versions prior to JFFNMS 0.8.4-pre3. 

http://www.example.com/auth.php?user=[xss]

Related

prion 1
ubuntucve 1
cvelist 1
cve 1
nvd 1
nessus 1
openvas 2
debian 1
osv 1
prion
prion
Cross site scripting
2007-06-12 23:30:00
ubuntucve
ubuntucve
CVE-2007-3189
2007-06-12 00:00:00
cvelist
cvelist
CVE-2007-3189
2007-06-12 23:00:00
cve
cve
CVE-2007-3189
2007-06-12 23:30:00
nvd
nvd
CVE-2007-3189
2007-06-12 23:30:00
nessus
nessus
Debian DSA-1374-1 : jffnms - several vulnerabilities
2007-09-14 00:00:00
openvas
openvas
Debian Security Advisory DSA 1374-1 (jffnms)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1374-1)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1374-1] New jffnms packages fix several vulnerabilities
2007-09-11 18:57:54
osv
osv
jffnms - several vulnerabilities
2007-09-11 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:30172
prion1ubuntucve1cvelist1cve1nvd1nessus1openvas2debian1osv1