Lucene search
Robert BuchholzEDB-ID:30684HistoryOct 18, 2007 - 12:00 a.m.
SiteBar 3.3.8 - 'integrator.php?lang' Cross-Site Scripting
2007-10-1800:00:00
Robert Buchholz
www.exploit-db.com
16
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/26126/info
SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input.
These issues include:
- A local file-include vulnerability
- Multiple arbitrary-script-code-execution vulnerabilities
- Multiple cross-site scripting vulnerabilities
- A URI-redirection vulnerability.
Exploiting these issues can allow attackers to access potentially sensitive information, to execute arbitrary script code in the context of the webserver process, to steal cookie-based authentication credentials, and to redirect users to malicious webpages.
SiteBar 3.3.8 and prior versions are vulnerable.
http://www.example.com/integrator.php?lang="><script>alert('xss')</script>Related
exploitdb
exploitdb
SiteBar 3.3.8 - 'command.php?Modify User Action uid' Cross-Site Scripting
2007-10-18 00:00:00
SiteBar 3.3.8 - 'index.php?target' Cross-Site Scripting
2007-10-18 00:00:00
prion
prion
Cross site scripting
2007-10-29 20:46:00
ubuntucve
ubuntucve
CVE-2007-5692
2007-10-29 00:00:00
cvelist
cvelist
CVE-2007-5692
2007-10-29 20:00:00
cve
cve
CVE-2007-5692
2007-10-29 20:46:00
nvd
nvd
CVE-2007-5692
2007-10-29 20:46:00
nessus
nessus
GLSA-200711-05 : SiteBar: Multiple issues
2007-11-07 00:00:00
Debian DSA-1423-1 : sitebar - several vulnerabilities
2007-12-11 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200711-05 (sitebar)
2008-09-24 00:00:00
Debian: Security Advisory (DSA-1423-1)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200711-05 (sitebar)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1423-1] New sitebar packages fix several vulnerabilities
2007-12-07 18:56:32
osv
osv
sitebar - several vulnerabilities
2007-12-07 00:00:00
gentoo
gentoo
SiteBar: Multiple issues
2007-11-06 00:00:00
securityvulns
securityvulns