Multiple cross-site scripting (XSS) vulnerabilities in phpGedView before 2.65 allow remote attackers to inject arbitrary HTML or web script via (1) descendancy.php, (2) index.php, (3) individual.php, (4) login.php, (5) relationship.php, (6) source.php, (7) imageview.php, (8) calendar.php, (9) gedrecord.php, (10) login.php, and (11) gdbi_interface.php. NOTE: some aspects of vector 10 were later reported to affect 4.1.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.securityfocus.com/bid/11891 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/3473 | vdb-entry x_refsource_OSVDB x_transferred |
| http://secunia.com/advisories/26628 | third-party-advisory x_refsource_SECUNIA x_transferred |
| http://www.osvdb.org/3478 | vdb-entry x_refsource_OSVDB x_transferred |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/14212 | vdb-entry x_refsource_XF x_transferred |
| http://www.securityfocus.com/bid/11904 | vdb-entry x_refsource_BID x_transferred |
| http://www.vupen.com/english/advisories/2007/2995 | vdb-entry x_refsource_VUPEN x_transferred |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/36285 | vdb-entry x_refsource_XF x_transferred |
| http://www.securityfocus.com/bid/11903 | vdb-entry x_refsource_BID x_transferred |
| http://securitytracker.com/id?1018613 | vdb-entry x_refsource_SECTRACK x_transferred |
| http://www.securityfocus.com/bid/11888 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/3476 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.securityfocus.com/bid/11905 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/3475 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.osvdb.org/3477 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.securityfocus.com/bid/11907 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/3479 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.securityfocus.com/bid/11882 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/bid/11906 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/bid/11880 | vdb-entry x_refsource_BID x_transferred |
| http://www.osvdb.org/3474 | vdb-entry x_refsource_OSVDB x_transferred |
| http://www.securityfocus.com/bid/11890 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/bid/11894 | vdb-entry x_refsource_BID x_transferred |
| http://marc.info/?l=bugtraq&m=107394912715478&w=2 | mailing-list x_refsource_BUGTRAQ x_transferred |
| http://www.securityfocus.com/bid/11868 | vdb-entry x_refsource_BID x_transferred |
| http://www.securityfocus.com/archive/1/477881/100/0/threaded | mailing-list x_refsource_BUGTRAQ x_transferred |