CVE-2007-6696
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2007-6696
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.1.6 allow remote attackers to inject arbitrary web script or HTML via (1) an event description, (2) the query string to pref.php, and (3) the adv parameter to search.php. NOTE: vector 1 requires user authentication.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
webCalendar 多个跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
webCalendar 1.1.6版本中的功能存在多个跨站脚本攻击漏洞。远程攻击者可以通过(1) 一个事件描述, (2) pref.php的查询字符串,以及 (3)search.php的 adv参数来注入任意web脚本或HTML。注意: vector 1 需要用户权限认证.
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2007-6696
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2007-6696
Please Login to view more intelligence information
Same Patch Batch · n/a · 2008-02-01 · 19 CVEs total
| CVE-2008-0544 | SDL_image IMG_LoadLBM_RW function 远程缓冲区溢出漏洞 | |
| CVE-2008-0552 | eTicket 'index.php'跨站脚本攻击漏洞 | |
| CVE-2008-0551 | Namo web Editor NamoInstaller.dll ActiveX控件任意命令执行漏洞 | |
| CVE-2008-0550 | Steamcast Off-by-one 错误 缓冲区溢出漏洞 | |
| CVE-2008-0549 | radio_toolbox steamcast 的OggHeaderParse 函数 数字错误漏洞 | |
| CVE-2008-0548 | radio_toolbox steamcast Content-Length HTTP头 拒绝服务攻击漏洞 | |
| CVE-2008-0547 | CandyPress admin/utilities_ConfigHelp.asp 跨站脚本攻击漏洞 | |
| CVE-2008-0546 | CandyPress 多个SQL注入漏洞 | |
| CVE-2008-0545 | Bubbling Library 多个参数 目录遍历漏洞 | |
| CVE-2007-6698 | OpenLDAP NOOP control 拒绝服务漏洞 | |
| CVE-2008-0543 | Pre Dynamic Institution "login.asp" 和 "siteadmin/login.asp" 多个SQL注入漏洞 | |
| CVE-2008-0542 | Gerd Tentler Simple Forum thumbnail.php 目录遍历漏洞 | |
| CVE-2008-0541 | Gerd Tentler Simple Forum forum.php 多个跨站脚本攻击漏洞 | |
| CVE-2008-0540 | trixbox 'index.php' 多个跨站脚本攻击漏洞 | |
| CVE-2008-0539 | F5 BIG-IP 跨站脚本漏洞 | |
| CVE-2008-0538 | phpip_management 多个SQL注入漏洞 | |
| CVE-2007-6697 | SDL_image无效GIF文件LWZ Minimum Code Size远程缓冲区溢出漏洞 | |
| CVE-2007-6695 | Drake CMS 'index.php'跨站脚本攻击漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2007-6696
No comments yet