VYPR
Unrated severityNVD Advisory· Published Jun 20, 2007· Updated Jun 16, 2026

CVE-2007-3299

CVE-2007-3299

Description

Cross-site scripting (XSS) vulnerability in AWFFull before 3.7.4, when AllSearchStr (aka the All Search Terms report) is enabled, allows remote attackers to inject arbitrary web script or HTML via a search string.

Affected products

2
  • Awffull/Awffull2 versions
    cpe:2.3:a:awffull:awffull:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:awffull:awffull:*:*:*:*:*:*:*:*range: <=3.7.1
    • (no CPE)range: <3.7.4

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.