mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
248 lines
9.0 KiB
JSON
248 lines
9.0 KiB
JSON
{
|
|
"id": "CVE-2005-2392",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2005-07-27T04:00:00.000",
|
|
"lastModified": "2018-10-19T15:32:47.830",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de secuencia de comandos en sitios cruzados en index.php para CMSSimple 2.4 y anteriores permite que atacantes remotos inyecten script web arbitrario o HTML mediante el par\u00e1metro \"search\" en la funci\u00f3n de b\u00fasqueda."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.3
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "43F7E5BD-553E-4731-BED1-7E7DB772AD82"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "574E610A-4799-45C9-B005-C1593B033AD9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A2FA0450-91E6-4250-A1D1-F2CFBB74A5B3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7DEC1EBC-1DBA-4350-8B34-7A872C62B6BC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "078B102C-748B-4847-8413-71659982AF01"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9CD2DC53-EA5E-41A3-A972-EE0CBE71A8C0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA355EC8-6FDF-44AC-93AF-3BA62F933EF0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "77432D04-7A08-4897-9067-F1172C4B3444"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:beta4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "77BE8ADE-AD39-429F-BF60-AE403B653FB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6DBC33E0-708B-497A-B3F7-33A525144256"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "221D0520-DAF7-4812-B94B-0E3630A967EB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7A477E39-3EB1-418F-9D55-E873815ADCF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D2E86AAE-9DD4-426A-B004-794F6FD3571B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BF28FC3C-37D2-4468-A309-D5B71CA16BB3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2:beta4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "264C0C12-D60B-4657-90B1-243F037F8B63"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1580903B-ED0B-4EFC-B1AF-982641D13B5A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "882FBDD4-ADF3-457C-811A-DC02D0079F72"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1CA83E3C-D14C-453A-B8A4-729C910D79D1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3272B7A3-F5E6-469B-A308-56EDF7C831B9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16F2CC21-339B-4B38-AFD3-6CBA1A0BE61E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.3:beta5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE9F185C-B41B-4E85-AB52-654738602581"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C67479D1-4D79-4819-9C70-24D9B146DB12"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "94838957-A9DC-4155-B747-696B4E49B2DD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta3:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CA2C53DD-CDA9-4678-A933-54CD32B6F43D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta4:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BCB1C968-DE13-47E9-A0B1-E2DA1A1C8CD7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4:beta5:*:*:*:*:*:*",
|
|
"matchCriteriaId": "439F7115-7B8F-4A95-B748-795E7D1C80A8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:2.4_beta:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "311645A8-2614-4D07-AC73-A164BC5BFD68"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:beta_1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "467CF107-2801-4251-9223-38536E7EAA78"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cmsmadesimple:cms_made_simple:beta_2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0BAB9F8A-AB22-4A8F-9BF2-B58D9878B920"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1014556",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.aria-security.net/advisory/cmsimple.txt",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.cmsimple.dk/forum/viewtopic.php?t=2470",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/442106/100/100/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/14346",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
}
|
|
]
|
|
} |