Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Jun 16, 2026
CVE-2007-1905
CVE-2007-1905
Description
Cross-site scripting (XSS) vulnerability in auth.php in Pineapple Technologies QuizShock 1.6.1 and earlier allows remote attackers to inject arbitrary web script or HTML via encoded special characters in the forward_to parameter, as demonstrated using "<"<".
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:pineapple_technologies:quizshock:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:pineapple_technologies:quizshock:*:*:*:*:*:*:*:*range: <=1.6.1
- (no CPE)range: <=1.6.1
Patches
Vulnerability mechanics
References
7- archives.neohapsis.com/archives/bugtraq/2007-04/0144.htmlnvdExploit
- secunia.com/advisories/24831nvdVendor Advisory
- john-martinelli.com/work/quizshock.txtnvd
- securityreason.com/securityalert/2554nvd
- www.securityfocus.com/bid/23368nvd
- www.vupen.com/english/advisories/2007/1319nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/33523nvd
News mentions
0No linked articles in our index yet.