Lucene search

[email protected]CVE-2007-5312

HistoryOct 09, 2007 - 9:17 p.m.

CVE-2007-5312

2007-10-0921:17:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2007-5312

xss vulnerability

torrenttrader classic 1.07

web script injection

html injection

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.4%

JSON

Cross-site scripting (XSS) vulnerability in TorrentTrader Classic 1.07 allows remote attackers to inject arbitrary web script or HTML via the (1) color parameter to pjirc/css.php and the (2) cat parameter to browse.php.

Affected configurations

NVD

Node

torrenttradertorrenttraderMatch1.07classic_edition

CPENameOperatorVersion
torrenttrader:torrenttradertorrenttradereq1.07

CPE	Name	Operator	Version
torrenttrader:torrenttrader	torrenttrader	eq	1.07

References

osvdb.org/37653

osvdb.org/37654

secunia.com/advisories/27109

securityreason.com/securityalert/3207

www.securityfocus.com/archive/1/481749/100/0/threaded

www.securityfocus.com/bid/25962

www.vupen.com/english/advisories/2007/3451

exchange.xforce.ibmcloud.com/vulnerabilities/37005

www.exploit-db.com/exploits/4500

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.4%

JSON

Related for CVE-2007-5312

cvelist1 nvd1 prion1