Back to search
CVE-2007-0265
Published: Jan 16, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple cross-site scripting (XSS) vulnerabilities in Ezboxx Portal System Beta 0.7.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the pic parameter to custom/piczoom.asp, (2) the nocatname parameter to boxx/user-upload.asp, or (3) the iid parameter to indexes/newscomments.asp.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
33468
vdb-entry
x_refsource_OSVDB
23759
third-party-advisory
x_refsource_SECUNIA
33469
vdb-entry
x_refsource_OSVDB
33467
vdb-entry
x_refsource_OSVDB
ADV-2007-0208
vdb-entry
x_refsource_VUPEN
http://www.bugsec.com/articles.php?Security=20
x_refsource_MISC
32828
vdb-entry
x_refsource_OSVDB
32826
vdb-entry
x_refsource_OSVDB
32827
vdb-entry
x_refsource_OSVDB
20070111 Ezboxx multiple vulnerabilities.
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now