nvd-json-data-feeds/CVE-2005/CVE-2005-23xx/CVE-2005-2324.json

{
  "id": "CVE-2005-2324",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2005-07-19T04:00:00.000",
  "lastModified": "2008-09-05T20:51:28.803",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in Clever Copy 2.0 and 2.0a allows remote attackers to inject arbitrary web script or HTML via the searchtype or searchterm parameters to (1) results.php or (2) categorysearch.php."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de secuencia de comandos en sitios cruzados en Clever Copy 2.0 y 2.0a permite que atacantes remotos inyecten script web arbitrario o HTML mediante los par\u00e1metros \"searchtype\" o \"searchterm\" en \"results.php\" o \"categorysearch.php\"."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.3
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:clever_copy:clever_copy:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F5DD585-BF9F-4AE5-B112-A6D9AB1ACDCC"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:clever_copy:clever_copy:2.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F4679FE-E971-435C-AED0-6E1DB3E561E0"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://lostmon.blogspot.com/2005/07/clever-copy-path-disclosure-and-xss.html",
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ]
    }
  ]
}