Unrated severityNVD Advisory· Published Jun 19, 2007· Updated Jun 16, 2026
CVE-2007-3129
CVE-2007-3129
Description
Cross-site scripting (XSS) vulnerability in login.php in Utopia News Pro 1.4.0 allows remote attackers to inject arbitrary web script or HTML via the password parameter.
Affected products
2cpe:2.3:a:utopia_software:utopia_news_pro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:utopia_software:utopia_news_pro:*:*:*:*:*:*:*:*range: <=1.4.0
- (no CPE)range: =1.4.0
Patches
Vulnerability mechanics
References
8- www.netvigilance.com/advisory0034nvdExploitVendor Advisory
- secunia.com/advisories/25702nvdVendor Advisory
- archives.neohapsis.com/archives/fulldisclosure/2007-06/0370.htmlnvd
- www.osvdb.org/34165nvd
- www.securityfocus.com/archive/1/471626/100/0/threadednvd
- www.securityfocus.com/bid/24506nvd
- www.vupen.com/english/advisories/2007/2236nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/34902nvd
News mentions
0No linked articles in our index yet.