CVE-2008-7213 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-7213
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-7213

Description: Cross-site scripting (XSS) vulnerability in mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php in MOStlyCE before 2.4, as used in Mambo 4.6.3 and earlier, allows remote attackers to inject arbitrary web script or HTML via the Command parameter.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/39984 SAID Secunia Advisory: SA28670 OSVDB 42530 MISC http://www.bugreport.ir/index_33.htm CONFIRM http://forum.mambo-foundation.org/showthread.php?t=10158 BUGTRAQ http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.html http://www.securityfocus.com/archive/1/archive/1/487128/100/200/threaded BID 27470

Return to the previous page.