VYPR
Unrated severityNVD Advisory· Published Nov 14, 2007· Updated Jun 16, 2026

CVE-2007-5948

CVE-2007-5948

Description

Multiple cross-site scripting (XSS) vulnerabilities in main.php in SF-Shoutbox 1.2.1 through 1.4 allow remote attackers to inject arbitrary web script or HTML via the (1) nick (aka Name) and (2) shout (aka Shout) parameters.

Affected products

3
  • cpe:2.3:a:script-fun:sf-shoutbox:1.2.1:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:script-fun:sf-shoutbox:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:script-fun:sf-shoutbox:1.4:*:*:*:*:*:*:*
  • Range: 1.2.1 - 1.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.