Moole Vulnerability Database

Find real vulnerabilities before they ship

Unknown

CVE-2007-3189

Cross-site scripting (XSS) vulnerability in auth.php in Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to inject arbitrary web script or HTML via the user parameter.

PublishedJun 12, 2007, 23:30

Published Bycve@mitre.org

Affected Versions

No affected versions found.

References

http://marc.info/?l=full-disclosure&m=118151087109711&w=2
http://secunia.com/advisories/25587
http://secunia.com/advisories/26769
http://www.debian.org/security/2007/dsa-1374
http://www.securityfocus.com/archive/1/471039/100/0/threaded
http://www.securityfocus.com/bid/24414

Weakness Type

NVD-CWE-Other

CVSS Metrics

Base Score

4.3

Vector String

AV:N/AC:M/Au:N/C:N/I:P/A:N

Base SeverityUnknown

Version

2.0

Attack Vector (AV)