Unrated severityNVD Advisory· Published May 16, 2007· Updated Apr 23, 2026

CVE-2007-2716

Description

Multiple cross-site scripting (XSS) vulnerabilities in EQdkp 1.3.2c and earlier allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) listmembers.php and (2) stats.php. NOTE: some of these details are obtained from third party information.

Affected products

Eqdkp/Eqdkp7 versions
cpe:2.3:a:eqdkp:eqdkp:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:eqdkp:eqdkp:*:*:*:*:*:*:*:*range: <=1.3.2c
- cpe:2.3:a:eqdkp:eqdkp:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:eqdkp:eqdkp:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:eqdkp:eqdkp:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:eqdkp:eqdkp:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:eqdkp:eqdkp:1.3.1_p1:*:*:*:*:*:*:*
- cpe:2.3:a:eqdkp:eqdkp:1.3_p4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/25249nvdVendor Advisory
marc.infonvd
marc.infonvd
osvdb.org/36051nvd
osvdb.org/36052nvd
www.securityfocus.com/bid/23951nvd
exchange.xforce.ibmcloud.com/vulnerabilities/34335nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000