CVE-2017-6397
Published
CVSS v3
6.1
MEDIUM
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
An issue was discovered in FlightAirMap v1.0-beta.10. The vulnerability exists due to insufficient filtration of user-supplied data in multiple parameters passed to several *-sub-menu.php pages. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Open source project displaying live aircrafts, ships or trackers on 2D/3D map. Browse through the data based on a particular aircraft, airline, airport, tracker or vessel to search through the database or see extensive statistics. Can use ADS-B in SBS1 format (dump1090, Radarcape,...), VRS, VA (VATSIM, IVAO whazzup.txt, phpvms,...), ACARS (acarsdec, acarsdeco2), APRS, AIS as datasource.
GitHub