CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-6541

Multiple cross-site scripting (XSS) vulnerabilities in neuron news 1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the topic parameter in a viewtopic action, or the (2) newsyear or (3) newsmonth parameter in a newsarchive action to the default URI in patch/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.3%

CVSS Severity

CVSS v2 Score 4.3

References

http://securityreason.com/securityalert/3489
http://www.securityfocus.com/archive/1/485176/100/0/threaded
http://securityreason.com/securityalert/3489
http://www.securityfocus.com/archive/1/485176/100/0/threaded

Products affected by CVE-2007-6541

Neuron News » Neuron News » Version: 1.0

cpe:2.3:a:neuron_news:neuron_news:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-6541

Products

Pricing

Contact Us