CVE-2013-2750

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2013-2750
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://sourceforge.net/p/e107/svn/13079
http://www.securityfocus.com/archive/1/526168
https://www.secuvera.de/advisories/TC-SA-2013-01.txt
http://sourceforge.net/p/e107/svn/13079
http://www.securityfocus.com/archive/1/526168
https://www.secuvera.de/advisories/TC-SA-2013-01.txt
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.0:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.9:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.10:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.11:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.12:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.13:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.14:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.15:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.16:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.17:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.18:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.19:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.20:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.21:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.22:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.24:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:0.7.26:*:*:*:*:*:*:*
cpe:2.3:a:e107:e107:1.0.1:*:*:*:*:*:*:*
History

21 Nov 2024, 01:52

Type Values Removed Values Added
References () http://sourceforge.net/p/e107/svn/13079 - () http://sourceforge.net/p/e107/svn/13079 -
References () http://www.securityfocus.com/archive/1/526168 - () http://www.securityfocus.com/archive/1/526168 -
References () https://www.secuvera.de/advisories/TC-SA-2013-01.txt - () https://www.secuvera.de/advisories/TC-SA-2013-01.txt -
Information

Published : 2014-01-22 19:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-2750

Mitre link : CVE-2013-2750

CVE.ORG link : CVE-2013-2750

JSON object : View

Products Affected

e107

  • e107
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')