1 results (0.001 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2007-5370 – NetWin DNews - 'Dnewsweb.exe' Multiple Cross-Site Scripting Vulnerabilities

https://notcve.org/view.php?id=CVE-2007-5370

11 Oct 2007 — Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/dnewsweb.exe in NetWin DNewsWeb (DNews News Server) 57e1 allow remote attackers to inject arbitrary web script or HTML via the (1) group or (2) utag parameter. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en cgi-bin/dnewsweb.exe en NetWin DNewsWeb (DNews News Server) 57e1 permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro (1) group o (2) utag. • https://www.exploit-db.com/exploits/30649 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •