Vulnerability Details CVE-2007-0952
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Virtual Calendar allow remote attackers to inject arbitrary web script or HTML via the (1) t and (2) yr parameters, and the (3) sho parameter when the m parameter is outside the intended range.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.1%
CVSS Severity
CVSS v2 Score 6.8
References
- http://osvdb.org/33182
- http://secunia.com/advisories/24125
- http://www.securityfocus.com/bid/22536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32448
- http://osvdb.org/33182
- http://secunia.com/advisories/24125
- http://www.securityfocus.com/bid/22536
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32448
Products affected by CVE-2007-0952
-
cpe:2.3:a:scriptsez.net:virtual_calendar:*