CVE-2007-5948 (SF-Shoutbox) [Sitemap] - HeapOverflow Computer Security Community & Forums : Heap Overflow.com
PDA

View Full Version : CVE-2007-5948 (SF-Shoutbox)

Heap
15-11-07, 11:26
Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5948)