CVE-2007-6270

Absolute News Manager.NET 5.1 - XSS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-6270. PoCs published by Adrian Pastor.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in Absolute News Manager .NET, including XSS, SQL injection, and information disclosure. It includes a sample XSS payload but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in Absolute News Manager.NET 5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) rmore parameter to xlaabsolutenm.aspx and the (2) template parameter to pages/default.aspx.

Exploits (2)

exploitdb WRITEUP VERIFIED
by Adrian Pastor · textwebappsasp
https://www.exploit-db.com/exploits/30843

The provided text describes multiple vulnerabilities in Absolute News Manager .NET, including XSS, SQL injection, and information disclosure. It includes a sample XSS payload but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Xss | Sqli | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Absolute News Manager .NET 5.1
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by Adrian Pastor · textwebappsasp
https://www.exploit-db.com/exploits/30844

The provided text describes multiple vulnerabilities in Absolute News Manager .NET, including XSS, SQL injection, and information disclosure. It includes a sample XSS payload but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Xss | Sqli | Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Absolute News Manager .NET 5.1
No auth needed
Prerequisites: Access to the vulnerable web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Various Sources x_refsource_misc
http://www.procheckup.com/Vulnerability_PR07-39.php
Various Sources x_refsource_confirm
http://www.xigla.com/news/default.aspx
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26692
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/40578
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38872
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/40577
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38873
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=119678724111351&w=2
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27923

Scores

EPSS 0.0233
EPSS Percentile 81.3%

Details

CWE
CWE-79
Status published
Products (1)
xigla/absolute_news_manager.net 5.1
Published Dec 07, 2007
Tracked Since Feb 18, 2026