CVE-2008-2527 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Vector
NIST	NIST	4.3 UNKNOWN	NETWORK	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N
mitre	CNA	---			---
CVE	ADP	---			---

Base Score

CVSS 3.x

EPSS Score

Percentile: 55%

Vendor	Product	Version
actualscripts	actualanalyzer_gold	7.21
actualscripts	actualanalyzer_gold	7.22
actualscripts	actualanalyzer_gold	7.23
actualscripts	actualanalyzer_gold	7.24
actualscripts	actualanalyzer_gold	7.25
actualscripts	actualanalyzer_gold	7.31
actualscripts	actualanalyzer_gold	7.32
actualscripts	actualanalyzer_gold	7.33
actualscripts	actualanalyzer_gold	7.34
actualscripts	actualanalyzer_gold	7.35
actualscripts	actualanalyzer_gold	7.41
actualscripts	actualanalyzer_gold	7.42
actualscripts	actualanalyzer_gold	7.43
actualscripts	actualanalyzer_gold	7.51
actualscripts	actualanalyzer_gold	7.61
actualscripts	actualanalyzer_gold	7.62
actualscripts	actualanalyzer_gold	7.63
actualscripts	actualanalyzer_gold	7.64
actualscripts	actualanalyzer_gold	7.71
actualscripts	actualanalyzer_gold	7.72
actualscripts	actualanalyzer_gold	7.73
actualscripts	actualanalyzer_gold	7.74
actualscripts	actualanalyzer_lite	𝑥 ≤ 2.78
actualscripts	actualanalyzer_lite	2.77
actualscripts	actualanalyzer_pro	𝑥 ≤ 6.95
actualscripts	actualanalyzer_pro	6.65
actualscripts	actualanalyzer_pro	6.67
actualscripts	actualanalyzer_pro	6.68
actualscripts	actualanalyzer_pro	6.69
actualscripts	actualanalyzer_pro	6.71
actualscripts	actualanalyzer_pro	6.72
actualscripts	actualanalyzer_pro	6.73
actualscripts	actualanalyzer_pro	6.81
actualscripts	actualanalyzer_pro	6.82
actualscripts	actualanalyzer_pro	6.83
actualscripts	actualanalyzer_pro	6.85
actualscripts	actualanalyzer_pro	6.86
actualscripts	actualanalyzer_pro	6.87
actualscripts	actualanalyzer_pro	6.88
actualscripts	actualanalyzer_pro	6.89
actualscripts	actualanalyzer_pro	6.91
actualscripts	actualanalyzer_pro	6.92
actualscripts	actualanalyzer_pro	6.93
actualscripts	actualanalyzer_pro	6.94
actualscripts	actualanalyzer_server	𝑥 ≤ 8.37
actualscripts	actualanalyzer_server	8.02
actualscripts	actualanalyzer_server	8.11
actualscripts	actualanalyzer_server	8.21
actualscripts	actualanalyzer_server	8.22
actualscripts	actualanalyzer_server	8.23
actualscripts	actualanalyzer_server	8.24
actualscripts	actualanalyzer_server	8.25
actualscripts	actualanalyzer_server	8.31
actualscripts	actualanalyzer_server	8.32
actualscripts	actualanalyzer_server	8.33
actualscripts	actualanalyzer_server	8.34
actualscripts	actualanalyzer_server	8.35
actualscripts	actualanalyzer_server	8.36

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://secunia.com/advisories/30205

http://www.majorsecurity.de/index_2.php?major_rls=major_rls52

http://www.securityfocus.com/archive/1/491982/100/0/threaded

http://www.securityfocus.com/bid/29177

https://exchange.xforce.ibmcloud.com/vulnerabilities/42367

http://secunia.com/advisories/30205

http://www.majorsecurity.de/index_2.php?major_rls=major_rls52

http://www.securityfocus.com/archive/1/491982/100/0/threaded

http://www.securityfocus.com/bid/29177

https://exchange.xforce.ibmcloud.com/vulnerabilities/42367