Unrated severityNVD Advisory· Published Nov 15, 2007· Updated Apr 23, 2026
CVE-2007-5985
CVE-2007-5985
Description
Multiple cross-site scripting (XSS) vulnerabilities in BtiTracker before 1.4.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors to (1) account.php, (2) moresmiles.php, or (3) recover.php; or (4) the "to" parameter to usercp.php.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
15- secunia.com/advisories/27550nvdPatchVendor Advisory
- sourceforge.net/forum/forum.phpnvdPatch
- osvdb.org/38751nvd
- osvdb.org/38752nvd
- osvdb.org/38753nvd
- osvdb.org/38754nvd
- osvdb.org/42219nvd
- osvdb.org/42220nvd
- osvdb.org/42221nvd
- osvdb.org/42222nvd
- sourceforge.net/project/shownotes.phpnvd
- sourceforge.net/tracker/index.phpnvd
- www.securityfocus.com/bid/26551nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38413nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38414nvd
News mentions
0No linked articles in our index yet.