admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-10xx/CVE-2007-1050.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

125 lines
3.5 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-1050",
"sourceIdentifier": "cve@mitre.org",
"published": "2007-02-21T23:28:00.000",
"lastModified": "2018-10-16T16:36:29.470",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in index.php in AbleDesign MyCalendar allow remote attackers to inject arbitrary web script or HTML via (1) the go parameter, (2) the keyword parameter in the search menu (go=search), or (3) the username or (4) the password in a go=Login action."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de tipo cross-site scripting (XSS) en el archivo index.php en MyCalendar de AbleDesign, permiten a los atacantes remotos inyectar un script web o HTML arbitrario por medio de (1) el par\u00e1metro go, (2) el par\u00e1metro keyword en el men\u00fa de b\u00fasqueda (go=search), o (3) el nombre de usuario o (4) la contrase\u00f1a en una acci\u00f3n go=Login."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:abledesign:mycalendar:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2C95CEB-B0A7-4FE6-962E-14EA8B80D449"
}
]
}
]
}
],
"references": [
{
"url": "http://forums.avenir-geopolitique.net/viewtopic.php?t=2686",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://osvdb.org/33317",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/33318",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/33319",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/24222",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://securityreason.com/securityalert/2270",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/archive/1/460598/100/0/threaded",
"source": "cve@mitre.org"
},
{
"url": "http://www.securityfocus.com/bid/22635",
"source": "cve@mitre.org"
},
{
"url": "http://www.vupen.com/english/advisories/2007/0679",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32581",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink