CVE-2007-3991

ASP Indir Cvmatik < 1.1 - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in cv.asp in Asp cvmatik 1.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Adiniz (Ady), (2) Soyadiniz (Soyady), (3) Ehliyet, (4) Askerlik, and (5) GSM parameters; and possibly other unspecified vectors.

Exploits (1)

exploitdb WORKING POC VERIFIED

by GeFORC3 · htmlwebappsasp

https://www.exploit-db.com/exploits/30331

View Code ZIP pw:eip

References (5)

[Third Party Advisory, VDB Entry] http://osvdb.org/36471

[Exploit] http://www.securityfocus.com/bid/25008

[Vendor Advisory] http://secunia.com/advisories/26174

[Exploit] http://downloads.securityfocus.com/vulnerabilities/exploits/25008.html

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2604

Scores

EPSS 0.0346

EPSS Percentile 87.6%

Details

Status published

Products (1)

asp_indir/cvmatik < 1.1

Published Jul 25, 2007

Tracked Since Feb 18, 2026