CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4945
https://notcve.org/view.php?id=CVE-2007-4945
18 Sep 2007 — Multiple cross-site scripting (XSS) vulnerabilities in LetterGrade allow remote attackers to inject arbitrary web script or HTML via (1) a student's email address, (2) the year parameter to genbrws/Student/cal_month.php3, and other unspecified vectors related to the calendar. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en LetterGrade permiten a atacantes remoto... • http://secunia.com/advisories/26768 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4946
https://notcve.org/view.php?id=CVE-2007-4946
18 Sep 2007 — LetterGrade allows remote attackers to obtain sensitive information (installation path or account existence) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. LetterGrade permite a atacantes remotos obtener información confidencial (ruta de instalación ó existencia de cuenta) mediante vectores no especificados. NOTA: El origen de esta información es desconocido; los detalles se han obtenido solamente de información de ... • http://osvdb.org/43160 •