CVE-2007-1331

TKS Banking Solutions ePortfolio 1.0 Java - Cross-Site Scripting via Search Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-1331. PoCs published by Stefan Friedli.

AI-analyzed exploit summary The provided text describes a client-side input-validation vulnerability in ePortfolio, which can be exploited for XSS attacks. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in TKS Banking Solutions ePortfolio 1.0 Java allow remote attackers to inject arbitrary web script or HTML via unspecified vectors that bypass the client-side protection scheme, one of which may be the q parameter to the search program. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Stefan Friedli · textwebappsphp
https://www.exploit-db.com/exploits/29715

The provided text describes a client-side input-validation vulnerability in ePortfolio, which can be exploited for XSS attacks. It includes a sample URL demonstrating the vulnerability but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Theoretical
Target: ePortfolio (version not specified)
No auth needed
Prerequisites: Access to the vulnerable ePortfolio application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461895/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2385
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/22829
Various Sources x_refsource_misc
http://www.scip.ch/cgi-bin/smss/showadvf.pl?id=2893
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/24331

Scores

EPSS 0.0540
EPSS Percentile 91.7%

Details

Status published
Products (1)
tks_banking_solutions/eportfolio 1.0
Published Mar 07, 2007
Tracked Since Feb 18, 2026