CVE-2007-3198 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in comments.php in Maran PHP Blog (Maran Blog) possibly only versions before 20070610 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Reference

http://osvdb.org/35374 http://secunia.com/advisories/25616 http://securityreason.com/securityalert/2797 http://www.securityfocus.com/archive/1/471046/100/0/threaded http://www.securityfocus.com/archive/1/494549/100/0/threaded http://www.securityfocus.com/bid/24409 http://www.securityfocus.com/bid/30309 http://www.secvsn.com/content/Advisories/sr-060607-maran.html http://www.vupen.com/english/advisories/2007/2148 https://exchange.xforce.ibmcloud.com/vulnerabilities/34812

Share on: