CVE Vulnerability

CVE-2007-3991

Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and possibly other unspecified vectors.

4.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

Scope

References
Link Resource
http://downloads.securityfocus.com/vulnerabilities/exploits/25008.html Exploit
http://www.securityfocus.com/bid/25008 Exploit
http://secunia.com/advisories/26174 Vendor Advisory
http://osvdb.org/36471
http://www.vupen.com/english/advisories/2007/2604
Configurations

Configuration 1

cpe:2.3:a:asp_indir:cvmatik:*:*:*:*:*:*:*:*
Information

Published : 2007-07-25 06:30

Updated : 2011-03-08 02:57

NVD link : CVE-2007-3991

Mitre link : CVE-2007-3991

Products Affected
No products.
CWE
NVD-CWE-Other