CVE-2007-6309 (webSPELL) |
|
| BugsAlert Home > CVE-2007-6309 (webSPELL) | |
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in webSPELL 4.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) the galleryID parameter in a usergallery upload action; or the (2) upID, (3) tag, (4) month, (5) userID, or (6) year parameter in a calendar announce action. Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6309 Learn more about CVE-2007-6309 (webSPELL) |
|
| Tags: cve-2007-6309 webspell | |
Related Items |
|
|
Netwin SmsGate "Content-Length" Header Processing Denial of Service
|
|
|
TROJ_AGENT.TM
|
|
|
FrSIRT - SuSE Security Update Fixes Kernel Security Bypass and DoS Issues
|
|
|
Ubuntu update for python
|
|
|
Fedora Security Update Fixes Perl Expression Engine Code Execution
|
|
|
CVE-2008-0399 (Surveillix RecordSend Class)
|
|
|
FrSIRT - IBM WebSphere Application Server Information Disclosure Vulnerabilities
|
|
