Cross-Site Scripting Vulnerability in TuMusika Evolution 1.6
CVE-2007-2090

Currently unrated

Key Information:

Vendor: Tumusika Evolution
Status: Tumusika Evolution
Vendor: CVE Published:; 18 April 2007

🔔 Create Tumusika Evolution Vulnerability Alert

What is CVE-2007-2090?

A cross-site scripting vulnerability in the index.php file of TuMusika Evolution version 1.6 permits remote attackers to inject arbitrary web scripts or HTML. This flaw arises due to improper validation of the 'msg' parameter, enabling unauthorized users to execute malicious code in the context of the affected web application, potentially compromising user data and security.

References

http://www.vupen.com/english/advisories/2007/1374

vdb-entryx_refsource_VUPEN

http://securityreason.com/securityalert/2585

third-party-advisoryx_refsource_SREASON

https://exchange.xforce.ibmcloud.com/vulnerabilities/33593

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 18, 2007
Vulnerability Reserved
Apr 17, 2007

CVE-2007-2090 Data

JSON