CVE-2008-6637
Libraryvideocompany Safari Montage < 3.1.3 - XSS
Title source: ruleDescription
Multiple cross-site scripting (XSS) vulnerabilities in forgotPW.php in Library Video Company SAFARI Montage 3.1.x allow remote attackers to inject arbitrary web script or HTML via the (1) school and (2) email parameters.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Omer Singer · textwebappsphp
https://www.exploit-db.com/exploits/31835
References (6)
Scores
EPSS
0.0034
EPSS Percentile
56.3%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
libraryvideocompany/safari_montage
< 3.1.3
n/a/n/a
Timeline
Published
Apr 07, 2009
Tracked Since
Feb 18, 2026