CVE-2005-2327

Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://securitytracker.com/id?1014513	Exploit
https://www.exploit-db.com/exploits/1106

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:e107:e107:0.547_beta:::::::*
	cpe:2.3:a:e107:e107:0.548_beta:::::::*
	cpe:2.3:a:e107:e107:0.549_beta:::::::*
	cpe:2.3:a:e107:e107:0.551_beta:::::::*
	cpe:2.3:a:e107:e107:0.552_beta:::::::*
	cpe:2.3:a:e107:e107:0.553_beta:::::::*
	cpe:2.3:a:e107:e107:0.554_beta:::::::*
	cpe:2.3:a:e107:e107:0.555_beta:::::::*
	cpe:2.3:a:e107:e107:0.600:::::::*
	cpe:2.3:a:e107:e107:0.601:::::::*
	cpe:2.3:a:e107:e107:0.602:::::::*
	cpe:2.3:a:e107:e107:0.603:::::::*
	cpe:2.3:a:e107:e107:0.604:::::::*
	cpe:2.3:a:e107:e107:0.605:::::::*
	cpe:2.3:a:e107:e107:0.606:::::::*
	cpe:2.3:a:e107:e107:0.607:::::::*
	cpe:2.3:a:e107:e107:0.608:::::::*
	cpe:2.3:a:e107:e107:0.609:::::::*
	cpe:2.3:a:e107:e107:0.610:::::::*
	cpe:2.3:a:e107:e107:0.611:::::::*
	cpe:2.3:a:e107:e107:0.612:::::::*
	cpe:2.3:a:e107:e107:0.613:::::::*
	cpe:2.3:a:e107:e107:0.614:::::::*
	cpe:2.3:a:e107:e107:0.615a:::::::*
	cpe:2.3:a:e107:e107:0.616:::::::*
	cpe:2.3:a:e107:e107:0.617:::::::*
	cpe:2.3:a:e107:e107:5.1:::::::*
	cpe:2.3:a:e107:e107:5.3_beta:::::::*
	cpe:2.3:a:e107:e107:5.3_beta2:::::::*
	cpe:2.3:a:e107:e107:5.04:::::::*
	cpe:2.3:a:e107:e107:5.4_beta1:::::::*
	cpe:2.3:a:e107:e107:5.4_beta3:::::::*
	cpe:2.3:a:e107:e107:5.4_beta4:::::::*
	cpe:2.3:a:e107:e107:5.4_beta5:::::::*
	cpe:2.3:a:e107:e107:5.4_beta6:::::::*
	cpe:2.3:a:e107:e107:5.05:::::::*
	cpe:2.3:a:e107:e107:5.21:::::::*

History

No history.

Information

Published : 2005-07-20 04:00

Updated : 2023-12-10 10:28

NVD link : CVE-2005-2327

Mitre link : CVE-2005-2327

CVE.ORG link : CVE-2005-2327

JSON object : View

Products Affected

e107

e107

CWE

NVD-CWE-Other

{"id": "CVE-2005-2327", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-07-20T04:00:00.000", "references": [{"url": "http://securitytracker.com/id?1014513", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/1106", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags."}, {"lang": "es", "value": "Vulnerabilidad de secuencia de comandos en sitios cruzados en e107 0.617 y anteriores permite que atacantes remotos inyecten script web arbitrario o HTML mediante tags anidadas \" [URL]BBCode\"."}], "lastModified": "2017-10-19T01:29:02.423", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:e107:e107:0.547_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "437C4251-886C-4E94-B7F6-AE34A0142A76"}, {"criteria": "cpe:2.3:a:e107:e107:0.548_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "761D4EE9-0D54-4370-BCBC-3C23481C127B"}, {"criteria": "cpe:2.3:a:e107:e107:0.549_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E11E3F9E-708E-44CB-8FD2-E4961028B732"}, {"criteria": "cpe:2.3:a:e107:e107:0.551_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F38EB42-437C-4381-B36A-FD3DB78E724E"}, {"criteria": "cpe:2.3:a:e107:e107:0.552_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ECC957BA-D96C-41B7-9BD4-2ECD37C9C924"}, {"criteria": "cpe:2.3:a:e107:e107:0.553_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E9E9AC1-5ECD-448F-B72A-1CE8228C2C22"}, {"criteria": "cpe:2.3:a:e107:e107:0.554_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FC4B3A4-2563-4C06-A484-5C02CD8F7408"}, {"criteria": "cpe:2.3:a:e107:e107:0.555_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC274184-AD8E-4BC2-BC6A-4E64F354BFFD"}, {"criteria": "cpe:2.3:a:e107:e107:0.600:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E80F85C-61AD-49C0-9EBF-B79F728F6A97"}, {"criteria": "cpe:2.3:a:e107:e107:0.601:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FE097FC-A525-4599-9FDA-1A011EECE767"}, {"criteria": "cpe:2.3:a:e107:e107:0.602:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FF51B0D-E020-491D-92A9-D2A01A7417AD"}, {"criteria": "cpe:2.3:a:e107:e107:0.603:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8692341-8DF2-4943-853A-4AAF1F313914"}, {"criteria": "cpe:2.3:a:e107:e107:0.604:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75197306-53DB-4C94-959B-C46D3FB1F42B"}, {"criteria": "cpe:2.3:a:e107:e107:0.605:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0C5C91C-C1C5-457D-9E09-24C7CACCC280"}, {"criteria": "cpe:2.3:a:e107:e107:0.606:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EB88C92-4F62-471A-8C10-C13C890E764F"}, {"criteria": "cpe:2.3:a:e107:e107:0.607:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5585DC36-C65F-4FCA-B26F-E4A7901863E7"}, {"criteria": "cpe:2.3:a:e107:e107:0.608:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2C7DD56C-66F7-421C-B211-07C7856112C9"}, {"criteria": "cpe:2.3:a:e107:e107:0.609:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E14B108-228D-454F-AF16-9D9086E4C10B"}, {"criteria": "cpe:2.3:a:e107:e107:0.610:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04C91C45-9A96-4E69-8A0A-D619AB45BC08"}, {"criteria": "cpe:2.3:a:e107:e107:0.611:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F7C68F4-9ECD-41A9-B4AE-48F028841428"}, {"criteria": "cpe:2.3:a:e107:e107:0.612:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "28B75E28-08DE-4CA2-A60B-FB2F61AEC5BA"}, {"criteria": "cpe:2.3:a:e107:e107:0.613:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9AA824A-CEE6-460B-A668-92FC3A822305"}, {"criteria": "cpe:2.3:a:e107:e107:0.614:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A51FBB3-42CE-40E1-A15D-ADDFBF8E203D"}, {"criteria": "cpe:2.3:a:e107:e107:0.615a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D17F613A-6BE1-4B45-8E40-8E44E0EEA756"}, {"criteria": "cpe:2.3:a:e107:e107:0.616:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5CB33E9-9AB8-482A-A196-768A2085A49C"}, {"criteria": "cpe:2.3:a:e107:e107:0.617:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12BD5CAD-0EB8-48F2-AF80-510584A83446"}, {"criteria": "cpe:2.3:a:e107:e107:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4189588A-A887-4D27-B3A0-48A3DBBD5E67"}, {"criteria": "cpe:2.3:a:e107:e107:5.3_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA26A71E-F1E6-4EA0-9165-F7989FB89B15"}, {"criteria": "cpe:2.3:a:e107:e107:5.3_beta2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C90BAB9-2ACE-48E4-BC15-E88C2C370B15"}, {"criteria": "cpe:2.3:a:e107:e107:5.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFD219A3-4958-4EA9-A914-37D4F0A8A24D"}, {"criteria": "cpe:2.3:a:e107:e107:5.4_beta1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3417C70B-E531-49C8-971E-CC349FB5AA1B"}, {"criteria": "cpe:2.3:a:e107:e107:5.4_beta3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB5EF2F8-0A65-4C8C-A4A3-9B9B1151509C"}, {"criteria": "cpe:2.3:a:e107:e107:5.4_beta4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62FBE3F6-7685-43BA-B63B-28AA79330323"}, {"criteria": "cpe:2.3:a:e107:e107:5.4_beta5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "94CC3B56-F1FC-452A-A0A7-4CF60089C1E9"}, {"criteria": "cpe:2.3:a:e107:e107:5.4_beta6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7524B12E-3D05-4CD1-B582-8A66EEC3F6DF"}, {"criteria": "cpe:2.3:a:e107:e107:5.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "590FE150-07AF-4E25-B8F8-D0E8500D73B1"}, {"criteria": "cpe:2.3:a:e107:e107:5.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F515DEBF-B55A-4B42-8E1F-AB9A2C3DD8DF"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}