CVE-2007-6085

VigileCMS 1.4 - XSS

Title source: llm

Description

Multiple cross-site scripting (XSS) vulnerabilities in index.php in VigileCMS 1.4 allow remote attackers to inject arbitrary web script or HTML via the message field in the (1) vedipm or (2) live_chat module.

Exploits (1)

exploitdb WRITEUP VERIFIED
by DevilAuron · textwebappsphp
https://www.exploit-db.com/exploits/4632

References (4)

Scores

EPSS 0.0348
EPSS Percentile 87.4%

Classification

CWE
CWE-79
Status draft

Affected Products (1)

vigilecms/vigilecms

Timeline

Published Nov 22, 2007
Tracked Since Feb 18, 2026