VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 14, 2008· Updated Apr 23, 2026

CVE-2008-3678

CVE-2008-3678

Description

Cross-site scripting (XSS) vulnerability in admin/search_links.php in Freeway before 1.4.2.197 allows remote attackers to inject arbitrary web script or HTML via the URL.

Affected products

9
  • Damian Hickey/Freeway9 versions
    cpe:2.3:a:damian_hickey:freeway:1.0.60:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:damian_hickey:freeway:1.0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.1.0.76:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.1.1.80:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.2.0.113:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.3.1.147:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.3.2.154:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.4.1.170:*:*:*:*:*:*:*
    • cpe:2.3:a:damian_hickey:freeway:1.4.1.171:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.