CVE-2008-3668
N/A
N/A
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the Yogurt Social Network module 3.2 rc1 for XOOPS allow remote attackers to inject arbitrary web script or HTML via the uid parameter to (1) friends.php, (2) seutubo.php, (3) album.php, (4) scrapbook.php, (5) index.php, or (6) tribes.php; or (7) the description field of a new scrap.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44387
- http://www.securityfocus.com/bid/30618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44385
- http://lostmon.blogspot.com/2008/08/yogurt-social-network-multiple-scripts.html
- http://www.securityfocus.com/bid/30619
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44387
- http://www.securityfocus.com/bid/30618
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44385
- http://lostmon.blogspot.com/2008/08/yogurt-social-network-multiple-scripts.html
- http://www.securityfocus.com/bid/30619
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.