admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2007/CVE-2007-66xx/CVE-2007-6696.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

128 lines
3.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2007-6696",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-02-01T20:00:00.000",
"lastModified": "2024-11-21T00:40:47.250",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) an event description, (2) the query string to pref.php, and (3) the adv parameter to search.php. NOTE: vector 1 requires user authentication."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en WebCalendar 1.1.6, permiten a atacantes remotos inyectar a su elecci\u00f3n web script o HTM mediante (1) unas descripciones de eventos, (2) la cadena de consulta de pref.php, y (3) el par\u00e1metro adv de search.php. \r\nNOTA: el vector 1 requiere autenticaci\u00f3n de usuario."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:P/A:N",
"baseScore": 2.1,
"accessVector": "NETWORK",
"accessComplexity": "HIGH",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:webcalendar:webcalendar:1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "ACAD8EF1-302C-4037-BB23-210020781701"
}
]
}
]
}
],
"references": [
{
"url": "http://osvdb.org/41274",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/41275",
"source": "cve@mitre.org"
},
{
"url": "http://osvdb.org/41276",
"source": "cve@mitre.org"
},
{
"url": "http://www.digitrustgroup.com/advisories/web-application-security-webcalendar.html",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/27461",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://osvdb.org/41274",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/41275",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://osvdb.org/41276",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.digitrustgroup.com/advisories/web-application-security-webcalendar.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/27461",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink