CVE-2007-2916 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in showown.php in GMTT Music Distro 1.2 allows remote attackers to inject arbitrary web script or HTML via the st parameter.

Affected Software

Name	Vendor	Start Version	End Version
Music_distro	Gmtt	1.2 (including)	1.2 (including)

References

http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063515.html
http://osvdb.org/36571
http://secunia.com/advisories/25385
http://securityreason.com/securityalert/2745
http://www.securityfocus.com/archive/1/469269/100/0/threaded
http://www.securityfocus.com/bid/24108
http://www.vupen.com/english/advisories/2007/1938
https://exchange.xforce.ibmcloud.com/vulnerabilities/34440
http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063515.html
http://osvdb.org/36571
http://secunia.com/advisories/25385
http://securityreason.com/securityalert/2745
http://www.securityfocus.com/archive/1/469269/100/0/threaded
http://www.securityfocus.com/bid/24108
http://www.vupen.com/english/advisories/2007/1938
https://exchange.xforce.ibmcloud.com/vulnerabilities/34440

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-2916
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html