NVD

Id
72417  
Name
CVE-2004-2040  
Description
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-07-18  
Published
2004-05-29  
Modified Date
2017-07-10  
Seq
2004-2040  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
373731 72417 CVE-2004-2040 20040529 [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615]  View
373732 72417 CVE-2004-2040 20040529 [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615]  View
373733 72417 CVE-2004-2040 10436  View
373734 72417 CVE-2004-2040 http://www.waraxe.us/index.php?modname=sa&id=31  View
373735 72417 CVE-2004-2040 e107-clock-menu-xss(16279)  View
373736 72417 CVE-2004-2040 e107-email-friend-xss(16280)  View
373737 72417 CVE-2004-2040 e107-user-setting-xss(16281)  View

Related JVN