Lucene search
HistoryMar 01, 2005 - 5:00 a.m.
CVE-2005-0629
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.005
Percentile
76.6%
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in 427BB 2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) Avatar parameters.
Affected configurations
Node
427bbfourtwosevenbbMatch2.0
OR427bbfourtwosevenbbMatch2.0.1
OR427bbfourtwosevenbbMatch2.1
OR427bbfourtwosevenbbMatch2.1.1
OR427bbfourtwosevenbbMatch2.1.2
OR427bbfourtwosevenbbMatch2.1.3
OR427bbfourtwosevenbbMatch2.2
OR427bbfourtwosevenbbMatch2.2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| 427bb | fourtwosevenbb | 2.0 | cpe:2.3:a:427bb:fourtwosevenbb:2.0:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.0.1 | cpe:2.3:a:427bb:fourtwosevenbb:2.0.1:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.1 | cpe:2.3:a:427bb:fourtwosevenbb:2.1:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.1.1 | cpe:2.3:a:427bb:fourtwosevenbb:2.1.1:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.1.2 | cpe:2.3:a:427bb:fourtwosevenbb:2.1.2:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.1.3 | cpe:2.3:a:427bb:fourtwosevenbb:2.1.3:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.2 | cpe:2.3:a:427bb:fourtwosevenbb:2.2:*:*:*:*:*:*:* |
| 427bb | fourtwosevenbb | 2.2.1 | cpe:2.3:a:427bb:fourtwosevenbb:2.2.1:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
427BB 2.x - Multiple Remote HTML Injection Vulnerabilities
2005-03-01 00:00:00
cve
cve
CVE-2005-0629
2005-03-04 05:00:00
cvelist
cvelist
CVE-2005-0629
2005-03-04 05:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.005
Percentile
76.6%
Related for NVD:CVE-2005-0629