Multiple cross-site scripting (XSS) vulnerabilities in Minh Nguyen Duong Obie Website Mini Web Shop 2 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO (query string) to (1) sendmail.php or (2) order_form.php, different vectors than CVE-2006-6734.
References
Configurations
History
21 Nov 2024, 00:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/36248 - | |
References | () http://osvdb.org/36249 - | |
References | () http://securityreason.com/securityalert/2666 - | |
References | () http://www.securityfocus.com/archive/1/467831/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/23847 - Exploit | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/34105 - |
Information
Published : 2007-05-09 00:19
Updated : 2024-11-21 00:31
NVD link : CVE-2007-2532
Mitre link : CVE-2007-2532
CVE.ORG link : CVE-2007-2532
JSON object : View
Products Affected
obie_website
- mini_web_shop
CWE