Unrated severityNVD Advisory· Published May 4, 2007· Updated Jun 16, 2026
CVE-2007-2499
CVE-2007-2499
Description
Multiple cross-site scripting (XSS) vulnerabilities in DVDdb 0.6 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the movieid parameter to loan.php or (2) the s parameter to listmovies.php.
Affected products
2Patches
Vulnerability mechanics
References
7News mentions
0No linked articles in our index yet.