CVE-2007-0390 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in index.php in sabros.us 1.7 allows remote attackers to inject arbitrary web script or HTML via the tag parameter.

Affected Software

Name	Vendor	Start Version	End Version
Sabros.us	Sabros.us	1.7 (including)	1.7 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051868.html
http://osvdb.org/31602
http://secunia.com/advisories/23824
http://securityreason.com/securityalert/2170
http://www.securityfocus.com/archive/1/457331/100/0/threaded
http://www.securityfocus.com/bid/22115
https://exchange.xforce.ibmcloud.com/vulnerabilities/31600
http://lists.grok.org.uk/pipermail/full-disclosure/2007-January/051868.html
http://osvdb.org/31602
http://secunia.com/advisories/23824
http://securityreason.com/securityalert/2170
http://www.securityfocus.com/archive/1/457331/100/0/threaded
http://www.securityfocus.com/bid/22115
https://exchange.xforce.ibmcloud.com/vulnerabilities/31600

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0390
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html