Lucene search

[email protected]NVD:CVE-2007-4165

HistoryAug 07, 2007 - 10:17 a.m.

CVE-2007-4165

2007-08-0710:17:00

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.016

Percentile

87.6%

JSON

Cross-site scripting (XSS) vulnerability in index.php in the Blue Memories theme 1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter, possibly a related issue to CVE-2007-2757 and CVE-2007-4014. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

Nvd

Node

xuyiyangblue_memories_themeMatch1.5wordpress

VendorProductVersionCPE
xuyiyangblue_memories_theme1.5cpe:2.3:a:xuyiyang:blue_memories_theme:1.5:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
xuyiyang	blue_memories_theme	1.5	cpe:2.3:a:xuyiyang:blue_memories_theme:1.5:::::wordpress::

References

secunia.com/advisories/26345

www.osvdb.org/36603

www.securityfocus.com/bid/25215

xuyiyang.com/2007/06/22/blue-memories-and-spring-updated/

exchange.xforce.ibmcloud.com/vulnerabilities/35817

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.016

Percentile

87.6%

JSON

Related for NVD:CVE-2007-4165

prion4 cve4 ubuntucve1 debiancve1 cvelist4 nvd3 patchstack1 exploitdb1