Lucene search

[email protected]NVD:CVE-2007-2632

HistoryMay 13, 2007 - 11:19 p.m.

CVE-2007-2632

2007-05-1323:19:00

[email protected]

web.nvd.nist.gov

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.033

Percentile

91.3%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in PHP Multi User Randomizer (phpMUR) 2006.09.13 allow remote attackers to inject arbitrary web script or HTML via (1) the edit_plugin parameter to configure_plugin.tpl.php, or (2) certain array parameters to web/phpinfo.php, as demonstrated by 1[] or a[].

Affected configurations

Nvd

Node

php_multi_user_randomizerphp_multi_user_randomizerMatch2006.09.13

VendorProductVersionCPE
php_multi_user_randomizerphp_multi_user_randomizer2006.09.13cpe:2.3:a:php_multi_user_randomizer:php_multi_user_randomizer:2006.09.13:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_multi_user_randomizer	php_multi_user_randomizer	2006.09.13	cpe:2.3:a:php_multi_user_randomizer:php_multi_user_randomizer:2006.09.13:::::::*

References

marc.info/?l=bugtraq&m=117883301207293&w=2

osvdb.org/36212

osvdb.org/36213

www.securityfocus.com/bid/23917

www.vupen.com/english/advisories/2007/1796

exchange.xforce.ibmcloud.com/vulnerabilities/34228

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.033

Percentile

91.3%

JSON

Related for NVD:CVE-2007-2632

prion1 exploitdb1 cve1 cvelist1