← back
CVE-2007-6001

CVE-2007-6001

EPSS 1.8%
Multiple cross-site scripting (XSS) vulnerabilities in index.php in Bandersnatch 0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) func or (2) date parameter, or the jid parameter in a (3) log or (4) user action, a different vulnerability than CVE-2007-3910.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/30801unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/38360http://www.portcullis-security.com/180.phphttp://www.securityfocus.com/bid/26553