CVE-2007-3886 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2007-3886

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Cross-site scripting (XSS) vulnerability in default.asp in Element CMS allows remote attackers to inject arbitrary web script or HTML via the s parameter in a search pID action.

Affected Software

Name	Vendor	Start Version	End Version
Element_cms	Netimage_media	*	*

References

http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0286.html
http://osvdb.org/36356
http://secunia.com/advisories/26080
http://www.securityfocus.com/bid/24960
https://exchange.xforce.ibmcloud.com/vulnerabilities/35475
http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0286.html
http://osvdb.org/36356
http://secunia.com/advisories/26080
http://www.securityfocus.com/bid/24960
https://exchange.xforce.ibmcloud.com/vulnerabilities/35475