CVE-2007-6474

Properties

Published:
19.12.2007
Updated:
23.12.2007
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Product:
GF_3Xplorer: GF_3Xplorer

Vulnerability description

Multiple cross-site scripting (XSS) vulnerabilities in GF-3XPLORER 2.4 allow remote attackers to inject arbitrary web script or HTML via the newdir parameter to index_3x.php, and unspecified other vectors.

References:

MILW0RM: http://www.milw0rm.com/exploits/4738
SECUNIA: http://secunia.com/advisories/28164