inc/vul_check.inc in phpVideoPro before 0.8.8 permits non-alphanumeric characters in the sess_id parameter, which has unknown impact and remote attack vectors, probably cross-site scripting (XSS).
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-07-06T18:00:00

Updated: 2024-08-07T14:21:36.452Z

Reserved: 2007-07-06T00:00:00

Link: CVE-2007-3596

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-07-06T18:30:00.000

Modified: 2024-11-21T00:33:37.050

Link: CVE-2007-3596

cve-icon Redhat

No data.