Unrated severityNVD Advisory· Published Mar 3, 2007· Updated Apr 23, 2026

CVE-2007-1234

Description

Multiple cross-site scripting (XSS) vulnerabilities in sitex allow remote attackers to inject arbitrary web script or HTML via (1) the sxYear parameter to calendar.php, (2) the search parameter to search.php, (3) the linkid parameter to redirect.php, or (4) the page parameter to calendar_events.php.

Affected products

Bj Sintay/Sitex
cpe:2.3:a:bj_sintay:sitex:0.7.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/33158nvd
osvdb.org/33159nvd
osvdb.org/33160nvd
osvdb.org/33161nvd
securityreason.com/securityalert/2373nvd
www.securityfocus.com/archive/1/461305/100/0/threadednvd
www.securityfocus.com/archive/1/465849/100/200/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000