CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2261

Cross-site scripting (XSS) vulnerability in e107 allows remote attackers to inject arbitrary script or HTML via the "login name/author" field in the (1) news submit or (2) article submit functions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://secunia.com/advisories/11567
http://securitytracker.com/id?1010084
http://www.osvdb.org/5982
http://www.securityfocus.com/bid/10293
https://exchange.xforce.ibmcloud.com/vulnerabilities/16087
http://secunia.com/advisories/11567
http://securitytracker.com/id?1010084
http://www.osvdb.org/5982
http://www.securityfocus.com/bid/10293
https://exchange.xforce.ibmcloud.com/vulnerabilities/16087

Products affected by CVE-2004-2261

E107 » E107 » Version: 0.545

cpe:2.3:a:e107:e107:0.545
E107 » E107 » Version: 0.554

cpe:2.3:a:e107:e107:0.554
E107 » E107 » Version: 0.555_beta

cpe:2.3:a:e107:e107:0.555_beta
E107 » E107 » Version: 0.603

cpe:2.3:a:e107:e107:0.603
E107 » E107 » Version: 0.610

cpe:2.3:a:e107:e107:0.610
E107 » E107 » Version: 0.611

cpe:2.3:a:e107:e107:0.611
E107 » E107 » Version: 0.612

cpe:2.3:a:e107:e107:0.612
E107 » E107 » Version: 0.613

cpe:2.3:a:e107:e107:0.613
E107 » E107 » Version: 0.614

cpe:2.3:a:e107:e107:0.614

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2261

Products

Pricing

Contact Us