This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Netjukebox First view 2007-06-22
Product Netjukebox Last view 2007-06-22
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:netjukebox:netjukebox:4.01b:*:*:*:*:*:*:* 1

Related : CVE

  Date Alert Description
4.3 2007-06-22 CVE-2007-3344

Multiple cross-site scripting (XSS) vulnerabilities in netjukebox 4.01b allow remote attackers to inject arbitrary web script or HTML via the (1) album_id, (2) order, (3) sort, (4) filter, and (5) genre_id parameters to (a) index.php; and the (6) url parameter to (b) ridirect.php. NOTE: the attack also reveals the installation path.

Open Source Vulnerability Database (OSVDB)

id Description
36893 netjukebox ridirect.php url Parameter XSS
36892 netjukebox index.php Multiple Parameter XSS