CVE-2007-3211 | Vulnerability Database | Aqua Security

Cross-site scripting (XSS) vulnerability in 404.php in Domain Technologie Control (DTC) before 0.25.9 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO (REQUEST_URI). NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected Software

Name	Vendor	Start Version	End Version
Domain_technologie_control	Domain_technologie_control	0.17 (including)	0.17 (including)
Domain_technologie_control	Domain_technologie_control	0.20 (including)	0.20 (including)
Domain_technologie_control	Domain_technologie_control	0.22 (including)	0.22 (including)
Domain_technologie_control	Domain_technologie_control	0.24.5 (including)	0.24.5 (including)
Domain_technologie_control	Domain_technologie_control	0.24.5_r0 (including)	0.24.5_r0 (including)
Domain_technologie_control	Domain_technologie_control	0.25 (including)	0.25 (including)
Domain_technologie_control	Domain_technologie_control	0.25.1 (including)	0.25.1 (including)

References

http://osvdb.org/36382
http://secunia.com/advisories/25504
http://www.securityfocus.com/bid/24441
https://exchange.xforce.ibmcloud.com/vulnerabilities/34832

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-3211
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html