CVE-2007-5985 - CVE Reference - Advisories

CVE Reference: CVE-2007-5985

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-5985

Description: Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles.php, or (3) recover.php; or (4) the "to" parameter to usercp.php.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/38413 http://xforce.iss.net/xforce/xfdb/38414 SAID Secunia Advisory: SA27550 CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=1753797&group_id=146822&atid=766508 http://sourceforge.net/project/shownotes.php?group_id=146822&release_id=552477 http://sourceforge.net/forum/forum.php?forum_id=752472 BID 26551

Return to the previous page.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	phpJobScheduler "installed_conf ig_file" File Inclusion Vulnerabilities

2.	phpBB BBcode "url" Script Insertion Vulnerability

3.	OpenOffice "rtl_allocateMe mory()" Truncation Vulnerability

4.	phpBB "url" bbcode Script Insertion Vulnerability

5.	Honeyd "test.sh" Insecure Temporary Files

6.	JustSystems Ichitaro Products Unspecified Code Execution Vulnerability

7.	HP-UX update for Apache

8.	Red Hat Directory Server Multiple Vulnerabilities

9.	R "javareconf" Insecure Temporary Files

10.	Tiger "genmsgidx" Insecure Temporary Files