Unrated severityNVD Advisory· Published Dec 15, 2007· Updated Jun 16, 2026
CVE-2007-6374
CVE-2007-6374
Description
Multiple cross-site scripting (XSS) vulnerabilities in Bitweaver 2.0.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) users/register.php or (2) search/index.php, or an editcomments action in (3) wiki/index.php or (4) forums/index.php. NOTE: the error parameter to users/login.php is covered by CVE-2006-3103.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
9- www.hackerscenter.com/archive/view.aspnvdExploit
- osvdb.org/39129nvd
- osvdb.org/39130nvd
- secunia.com/advisories/28024nvd
- securityreason.com/securityalert/3428nvd
- www.securityfocus.com/archive/1/484805/100/0/threadednvd
- www.securityfocus.com/bid/26801nvd
- www.vupen.com/english/advisories/2007/4168nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/38942nvd
News mentions
0No linked articles in our index yet.