Unrated severityNVD Advisory· Published Feb 12, 2007· Updated Apr 23, 2026

CVE-2007-0891

Description

Cross-site scripting (XSS) vulnerability in the GetCurrentCompletePath function in phpmyvisites.php in phpMyVisites before 2.2 allows remote attackers to inject arbitrary web script or HTML via the query string.

Affected products

Matthieu Aubry/Phpmyvisites9 versions
cpe:2.3:a:matthieu_aubry:phpmyvisites:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:matthieu_aubry:phpmyvisites:*:*:*:*:*:*:*:*range: <=2.1
- cpe:2.3:a:matthieu_aubry:phpmyvisites:0.1_beta:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.2_beta:*:*:*:*:*:*:*
- cpe:2.3:a:matthieu_aubry:phpmyvisites:1.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

marc.infonvdThird Party Advisory
www.securityfocus.com/bid/22516nvdThird Party AdvisoryVDB Entry
osvdb.org/33176nvdBroken Link
secunia.com/advisories/24124nvdPermissions Required
www.vupen.com/english/advisories/2007/0566nvdNot Applicable
www.securityfocus.com/archive/1/459792/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/32430nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000