Lucene search
MitreCVE-2007-5427HistoryOct 12, 2007 - 11:17 p.m.
CVE-2007-5427
2007-10-1223:17:00
CWE-79
mitre
web.nvd.nist.gov
27
cve-2007-5427
xss
vulnerability
joomla
com_search
cve-2007-4189.1
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.009
Percentile
82.9%
Cross-site scripting (XSS) vulnerability in the com_search component in Joomla! 1.0.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. NOTE: this might be related to CVE-2007-4189.1.
Affected configurations
Node
joomlacom_search_component
ORjoomlajoomlaRange≤1.0.13
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | com_search_component | * | cpe:2.3:a:joomla:com_search_component:*:*:*:*:*:*:*:* |
| joomla | joomla | * | cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2007-10-12 23:17:00
Cross site scripting
2007-08-08 01:17:00
cvelist
cvelist
CVE-2007-5427
2007-10-12 23:00:00
CVE-2007-4189
2007-08-08 01:11:00
nvd
nvd
CVE-2007-5427
2007-10-12 23:17:00
CVE-2007-4189
2007-08-08 01:17:00
exploitdb
exploitdb
Joomla! Component Search 1.0.13 - SearchWord Cross-Site Scripting
2007-10-11 00:00:00
cve
cve
CVE-2007-4189
2007-08-08 01:17:00
nessus
nessus
Joomla! com_content Component 'order' Parameter XSS
2007-08-01 00:00:00
freebsd
freebsd
joomla -- multiple vulnerabilities
2007-07-30 00:00:00
openvas
openvas
FreeBSD Ports: joomla
2008-09-04 00:00:00
FreeBSD Ports: joomla
2008-09-04 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.7
Confidence
High
EPSS
0.009
Percentile
82.9%
Related for CVE-2007-5427