Unrated severityNVD Advisory· Published Jan 29, 2007· Updated Apr 23, 2026

CVE-2007-0552

Description

Cross-site scripting (XSS) vulnerability in install/default/error404.html in Oh no! Not another CMS (Onnac) 0.0.8.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the error_url parameter.

Affected products

Oh No Not Another Cms/Oh No Not Another CMS
cpe:2.3:a:oh_no_not_another_cms:oh_no_not_another_cms:0.0.8.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

onnac.svn.sourceforge.net/viewvc/onnac/trunk/install/default/error404.htmlnvdPatchVendor Advisory
sourceforge.net/forum/forum.phpnvdVendor Advisory
osvdb.org/36811nvd
www.securityfocus.com/bid/22256nvd
www.vupen.com/english/advisories/2007/0347nvd
exchange.xforce.ibmcloud.com/vulnerabilities/31795nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000