CVE-2007-6560

N/A Unknown

Published: December 28, 2007 Modified: April 23, 2026

Description

Multiple cross-site scripting (XSS) vulnerabilities in Logaholic before 2.0 RC8 allow remote attackers to inject arbitrary web script or HTML via (1) the newconfname parameter to profiles.php or (2) the conf parameter to index.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/39792

Source: cve@mitre.org

http://osvdb.org/39793

Source: cve@mitre.org

http://secunia.com/advisories/28263

Source: cve@mitre.org

http://securityreason.com/securityalert/3496

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/485480/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/490101/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/27003

Source: cve@mitre.org

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/39223

Source: cve@mitre.org

http://osvdb.org/39792