CVE-2005-4307 in ScareCrowinfo

Summary

Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

12/16/2005

Disclosure

12/16/2005

Moderation

VulDB entry created

Entries

VDB-27556 (1)

CPE

ready

CWE

CWE-80 (Confirmed)

Exploit

Download

CVSS

4.3

EPSS

0.01509

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2005-4307
NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-4307
CVE Details	https://www.cvedetails.com/cve/CVE-2005-4307/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!