CVE-2007-2732 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Jetbox CMS allow remote attackers to inject arbitrary web script or HTML via the (1) path parameter to view/search/; or the (2) companyname (3) country (4) email (5) firstname (6) middlename (7) required (8) surname or (9) title parameter to view/supplynews/.

Reference

http://osvdb.org/37451 http://osvdb.org/37452 http://securityreason.com/securityalert/2711 http://www.securityfocus.com/archive/1/468681/100/0/threaded http://www.securityfocus.com/bid/23999 http://www.vupen.com/english/advisories/2007/1831