GCVE - cpe:2.3:a:acp3:acp3:4.0_beta_3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:acp3:acp3:4.0_beta_3:*:*:*:*:*:*:*

part: a version: 4.0_beta_3 update: *

Vendor	Acp3 (`5380d2af-a769-5d0f-b2bb-1a7fd9b535f7`)
Product	Acp3 (`498fb77e-9d99-59f2-ad05-0440a8edae5a`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-2579`	vulnerable	2026-06-03 14:28:08.643720	Details available Multiple cross-site scripting (XSS) vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to inject arbitrary web script or HTML via (1) the form[mail] parameter to contact/contact/index.php; the (2) form[mods][] or (3) form[search_term] parameter to search/list/action_search/index.php; (4) the id parameter to modules/dl/download.php; (5) the form[cat] parameter to news/list/index.php; the (6) form[cat], (7) form[name], or (8) form[message] parameter to certain news/details/id_*/action_create/index.php files; or (9) the form[mail] parameter to newsletter/create/index.php. Published: 2007-05-09T21:00:00.000Z Updated: 2024-08-07T13:42:33.435Z Open on db.gcve.eu Reference links http://www.osvdb.org/36193 http://securityreason.com/securityalert/2686 http://www.securityfocus.com/bid/23834 http://www.osvdb.org/36188 http://www.securityfocus.com/archive/1/467746/100/0/threaded	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2578`	vulnerable	2026-06-03 14:28:08.643341	Details available Unspecified vulnerability in search/list/action_search/index.php in ACP3 4.0 beta 3 allows remote attackers to have unknown impact, relating to "Cookie Manipulation", via the form[search_term] parameter. Published: 2007-05-09T21:00:00.000Z Updated: 2024-08-07T13:42:33.440Z Open on db.gcve.eu Reference links http://securityreason.com/securityalert/2686 http://www.securityfocus.com/bid/23834 http://www.securityfocus.com/archive/1/467746/100/0/threaded http://osvdb.org/36183	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2577`	vulnerable	2026-06-03 14:28:08.642955	Details available Multiple SQL injection vulnerabilities in ACP3 4.0 beta 3 allow remote attackers to execute arbitrary SQL commands via (1) the mode parameter to feeds.php, the (2) form[cat] parameter to (a) news/list/index.php or (b) certain news/details/id_*/action_create/index.php files, or (3) the form[mods][] parameter to search/list/action_search/index.php. Published: 2007-05-09T21:00:00.000Z Updated: 2024-08-07T13:42:33.405Z Open on db.gcve.eu Reference links http://www.osvdb.org/36185 http://securityreason.com/securityalert/2686 http://www.securityfocus.com/bid/23834 http://www.osvdb.org/36186 http://www.securityfocus.com/archive/1/467746/100/0/threaded	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.