CVE-2013-2750

e107 - 'content_preset.php' Cross-Site Scripting

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string.

Vulnerabilidad de XSS en e107_plugins/content/handlers/content_preset.php de e107 anterior a la versión 1.0.3 permite a atacantes remotos inyectar script Web o HTML arbitrario a través de una cadena de consulta.

e107 CMS version 1.0.2 suffers from a reflective cross site scripting vulnerability.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-04-02 CVE Reserved
2013-04-03 CVE Published
2013-04-03 First Exploit
2024-04-27 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CAPEC

References (4)

URL	Tag	Source
http://sourceforge.net/p/e107/svn/13079	X_refsource_confirm
http://www.securityfocus.com/archive/1/526168	Mailing List
https://www.secuvera.de/advisories/TC-SA-2013-01.txt	X_refsource_misc

URL	Date	SRC
https://www.exploit-db.com/exploits/38416	2013-04-03

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				<= 1.0.2 Search vendor "E107" for product "E107" and version " <= 1.0.2"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.0 Search vendor "E107" for product "E107" and version "0.7.0"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.1 Search vendor "E107" for product "E107" and version "0.7.1"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.2 Search vendor "E107" for product "E107" and version "0.7.2"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.3 Search vendor "E107" for product "E107" and version "0.7.3"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.4 Search vendor "E107" for product "E107" and version "0.7.4"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.5 Search vendor "E107" for product "E107" and version "0.7.5"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.6 Search vendor "E107" for product "E107" and version "0.7.6"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.7 Search vendor "E107" for product "E107" and version "0.7.7"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.8 Search vendor "E107" for product "E107" and version "0.7.8"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.9 Search vendor "E107" for product "E107" and version "0.7.9"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.10 Search vendor "E107" for product "E107" and version "0.7.10"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.11 Search vendor "E107" for product "E107" and version "0.7.11"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.12 Search vendor "E107" for product "E107" and version "0.7.12"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.13 Search vendor "E107" for product "E107" and version "0.7.13"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.14 Search vendor "E107" for product "E107" and version "0.7.14"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.15 Search vendor "E107" for product "E107" and version "0.7.15"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.16 Search vendor "E107" for product "E107" and version "0.7.16"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.17 Search vendor "E107" for product "E107" and version "0.7.17"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.18 Search vendor "E107" for product "E107" and version "0.7.18"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.19 Search vendor "E107" for product "E107" and version "0.7.19"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.20 Search vendor "E107" for product "E107" and version "0.7.20"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.21 Search vendor "E107" for product "E107" and version "0.7.21"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.22 Search vendor "E107" for product "E107" and version "0.7.22"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.24 Search vendor "E107" for product "E107" and version "0.7.24"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				0.7.26 Search vendor "E107" for product "E107" and version "0.7.26"		-		Affected
E107 Search vendor "E107"		E107 Search vendor "E107" for product "E107"				1.0.1 Search vendor "E107" for product "E107" and version "1.0.1"		-		Affected