CVE-2010-4757

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 allows remote attackers to inject arbitrary web script or HTML via the submitnews_title parameter, a different vector than CVE-2008-6208. NOTE: some of these details are obtained from third party information. NOTE: this might be the same as CVE-2009-4083.1 or CVE-2011-0457.

Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en submitnews.php de e107 en versiones anteriores a la 0.7.23 permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través del parámetro submitnews_title. Un vector diferente al del CVE-2008-6208. NOTA: algunos de estos detalles han sido obtenidos de información de terceras partes. NOTA: puede ser el mismo al del CVE-2009-4083.1 o CVE-2011-0457.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2011-03-15 CVE Reserved
2011-03-15 CVE Published
2023-03-07 EPSS Updated
2024-08-07 CVE Updated
2024-08-07 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (6)

URL	Tag	Source
http://e107.org/svn_changelog.php?version=0.7.23	X_refsource_confirm
http://securitytracker.com/id?1024351	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/61331	Vdb Entry

URL	Date	SRC
http://www.madirish.net/?article=471	2024-08-07

URL	Date	SRC
http://e107.org/comment.php?comment.news.872	2017-08-17
http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/newspost.php?r1=11655&r2=11654&pathrev=11655	2017-08-17

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				<= 0.7.22 Search vendor "E107" for product "E107" and version " <= 0.7.22"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_10 Search vendor "E107" for product "E107" and version "0.6_10"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_11 Search vendor "E107" for product "E107" and version "0.6_11"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_12 Search vendor "E107" for product "E107" and version "0.6_12"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_13 Search vendor "E107" for product "E107" and version "0.6_13"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_14 Search vendor "E107" for product "E107" and version "0.6_14"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_15 Search vendor "E107" for product "E107" and version "0.6_15"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6_15a Search vendor "E107" for product "E107" and version "0.6_15a"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7 Search vendor "E107" for product "E107" and version "0.7"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.0 Search vendor "E107" for product "E107" and version "0.7.0"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.1 Search vendor "E107" for product "E107" and version "0.7.1"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.2 Search vendor "E107" for product "E107" and version "0.7.2"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.3 Search vendor "E107" for product "E107" and version "0.7.3"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.4 Search vendor "E107" for product "E107" and version "0.7.4"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.5 Search vendor "E107" for product "E107" and version "0.7.5"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.6 Search vendor "E107" for product "E107" and version "0.7.6"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.7 Search vendor "E107" for product "E107" and version "0.7.7"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.8 Search vendor "E107" for product "E107" and version "0.7.8"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.9 Search vendor "E107" for product "E107" and version "0.7.9"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.10 Search vendor "E107" for product "E107" and version "0.7.10"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.11 Search vendor "E107" for product "E107" and version "0.7.11"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.12 Search vendor "E107" for product "E107" and version "0.7.12"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.13 Search vendor "E107" for product "E107" and version "0.7.13"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.14 Search vendor "E107" for product "E107" and version "0.7.14"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.15 Search vendor "E107" for product "E107" and version "0.7.15"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.16 Search vendor "E107" for product "E107" and version "0.7.16"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.17 Search vendor "E107" for product "E107" and version "0.7.17"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.18 Search vendor "E107" for product "E107" and version "0.7.18"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.19 Search vendor "E107" for product "E107" and version "0.7.19"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.20 Search vendor "E107" for product "E107" and version "0.7.20"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.21 Search vendor "E107" for product "E107" and version "0.7.21"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.545 Search vendor "E107" for product "E107" and version "0.545"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.547 Search vendor "E107" for product "E107" and version "0.547"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.548 Search vendor "E107" for product "E107" and version "0.548"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.549 Search vendor "E107" for product "E107" and version "0.549"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.551 Search vendor "E107" for product "E107" and version "0.551"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.552 Search vendor "E107" for product "E107" and version "0.552"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.553 Search vendor "E107" for product "E107" and version "0.553"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.554 Search vendor "E107" for product "E107" and version "0.554"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.554 Search vendor "E107" for product "E107" and version "0.554"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.555 Search vendor "E107" for product "E107" and version "0.555"		beta		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.600 Search vendor "E107" for product "E107" and version "0.600"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.601 Search vendor "E107" for product "E107" and version "0.601"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.602 Search vendor "E107" for product "E107" and version "0.602"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.603 Search vendor "E107" for product "E107" and version "0.603"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.604 Search vendor "E107" for product "E107" and version "0.604"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.605 Search vendor "E107" for product "E107" and version "0.605"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.606 Search vendor "E107" for product "E107" and version "0.606"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.607 Search vendor "E107" for product "E107" and version "0.607"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.608 Search vendor "E107" for product "E107" and version "0.608"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.609 Search vendor "E107" for product "E107" and version "0.609"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.610 Search vendor "E107" for product "E107" and version "0.610"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.611 Search vendor "E107" for product "E107" and version "0.611"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.612 Search vendor "E107" for product "E107" and version "0.612"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.613 Search vendor "E107" for product "E107" and version "0.613"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.614 Search vendor "E107" for product "E107" and version "0.614"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.615 Search vendor "E107" for product "E107" and version "0.615"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.615a Search vendor "E107" for product "E107" and version "0.615a"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.616 Search vendor "E107" for product "E107" and version "0.616"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.617 Search vendor "E107" for product "E107" and version "0.617"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6171 Search vendor "E107" for product "E107" and version "0.6171"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6172 Search vendor "E107" for product "E107" and version "0.6172"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6173 Search vendor "E107" for product "E107" and version "0.6173"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6174 Search vendor "E107" for product "E107" and version "0.6174"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.6175 Search vendor "E107" for product "E107" and version "0.6175"		-		Affected