PT-2007-1802 · Unknown · Liens Dynamiques

Published

2007-01-18

Updated

2018-10-16

CVE-2007-0331

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: liens dynamiques version 2.1

Description: The issue is related to a cross-site scripting (XSS) vulnerability. It allows remote attackers to inject arbitrary web script or HTML. This can be achieved by using the ajouter=1 query string and the add menu.

Recommendations: For liens dynamiques version 2.1, consider restricting access to the liens.php3 file until a patch is available. As a temporary workaround, avoid using the ajouter=1 query string in the affected API endpoint.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-0331

Affected Products

Liens Dynamiques

PT-2007-1802 · Unknown · Liens Dynamiques

CVE-2007-0331

Related Identifiers

Affected Products

References · 5