Vulnerability Description
e107 0.6174 allows remote attackers to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default installation, the e_BASE variable restricts the redirection to the same web site.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| E107 | E107 | 0.6174 |
References
- http://secunia.com/advisories/17890/ExploitVendor Advisory
- http://securityreason.com/securityalert/229
- http://www.securityfocus.com/archive/1/418577/100/0/threaded
- http://secunia.com/advisories/17890/ExploitVendor Advisory
- http://securityreason.com/securityalert/229
- http://www.securityfocus.com/archive/1/418577/100/0/threaded
FAQ
What is CVE-2005-4052?
CVE-2005-4052 is a vulnerability with a CVSS score of 5.0 (MEDIUM). e107 0.6174 allows remote attackers to redirect users to other web sites via the download parameter in rate.php, which is used after a user submits a file download rating. NOTE: in the default instal...
How severe is CVE-2005-4052?
CVE-2005-4052 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-4052?
Check the references section above for vendor advisories and patch information. Affected products include: E107 E107.