Launchpad CVE tracker

CVE 2007-4048

Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

Related bugs and status

CVE-2007-4048 (Candidate) is related to these bugs:

Bug #137394: [Sync request] Sync egroupware 1.2.107-2.dfsg-1.1 from Debian unstable (main)

Summary				In	Importance	Status
	137394	[Sync request] Sync egroupware 1.2.107-2.dfsg-1.1 from Debian unstable (main)		egroupware (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

BID: 25090
SECUNIA: 26248
CONFIRM: http://download.phpgro...
CONFIRM: http://sourceforge.net...
SECUNIA: 26473
SREASON: 2952
OSVDB: 36601
BUGTRAQ: 20070725 PHPSysInfo In...

Launchpad.net

CVE 2007-4048

Related bugs and status

Related bugs

References