{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-05-13T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-11T19:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "30205", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30205"}, {"name": "29177", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29177"}, {"name": "actualanalyzer-view-xss(42367)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42367"}, {"tags": ["x_refsource_MISC"], "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls52"}, {"name": "20080512 [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/491982/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2527", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "30205", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30205"}, {"name": "29177", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29177"}, {"name": "actualanalyzer-view-xss(42367)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42367"}, {"name": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls52", "refsource": "MISC", "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls52"}, {"name": "20080512 [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/491982/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:05:29.915Z"}, "title": "CVE Program Container", "references": [{"name": "30205", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30205"}, {"name": "29177", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29177"}, {"name": "actualanalyzer-view-xss(42367)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42367"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls52"}, {"name": "20080512 [MajorSecurity Advisory #52]ActualAnalyzer family - Cross Site Scripting Issues", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/491982/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2527", "datePublished": "2008-06-03T15:00:00", "dateReserved": "2008-06-03T00:00:00", "dateUpdated": "2024-08-07T09:05:29.915Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.21:*:*:*:*:*:*:*", "matchCriteriaId": "84C4C0A4-C302-48FF-A846-798FB5F741B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.22:*:*:*:*:*:*:*", "matchCriteriaId": "9CB150B0-6627-4885-8156-23FBEC90CC8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.23:*:*:*:*:*:*:*", "matchCriteriaId": "6BF0D23B-EC1E-4283-B828-62518272264F", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.24:*:*:*:*:*:*:*", "matchCriteriaId": "A9C2DEDB-1FC6-41B9-9B46-9250CE96A92B", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.25:*:*:*:*:*:*:*", "matchCriteriaId": "EE990B6A-A462-4911-BABF-15BE06F11953", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.31:*:*:*:*:*:*:*", "matchCriteriaId": "62239E3B-9683-47D6-9C6E-B258FCF0B5C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.32:*:*:*:*:*:*:*", "matchCriteriaId": "47D1914D-EAE7-41E0-8595-F3E411C2107F", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.33:*:*:*:*:*:*:*", "matchCriteriaId": "3EDDE8B2-272F-469E-93FB-521648C20923", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.34:*:*:*:*:*:*:*", "matchCriteriaId": "F131CE41-DF5B-4028-A569-12DCD83E84EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.35:*:*:*:*:*:*:*", "matchCriteriaId": "51EC963F-85B0-4AC6-B9F4-C5207ACC8ED4", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.41:*:*:*:*:*:*:*", "matchCriteriaId": "3C351BD4-FD34-4163-8576-96AF03AD2FBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.42:*:*:*:*:*:*:*", "matchCriteriaId": "D0FF13AF-94DA-45DC-9B02-2285D3D1A0A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.43:*:*:*:*:*:*:*", "matchCriteriaId": "80254CC7-2095-4DCA-89A8-79A165A06CC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.51:*:*:*:*:*:*:*", "matchCriteriaId": "CAA67108-D81C-4441-9430-79C6C809233A", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.61:*:*:*:*:*:*:*", "matchCriteriaId": "CE9D366A-2FBB-4851-B3B4-F8A28BAAEDBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.62:*:*:*:*:*:*:*", "matchCriteriaId": "C1414F9D-8BC9-4184-A4DF-D8F652FBA698", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.63:*:*:*:*:*:*:*", "matchCriteriaId": "63925B25-2D98-4C15-9551-43C08DAEFA46", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.64:*:*:*:*:*:*:*", "matchCriteriaId": "4B170756-152F-41C6-B01C-43D47F27FC6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.71:*:*:*:*:*:*:*", "matchCriteriaId": "7D008E5B-274F-4B48-9AC9-2E2D9D2D63C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.72:*:*:*:*:*:*:*", "matchCriteriaId": "F44D339C-A99B-4CF2-B33C-05332E920201", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.73:*:*:*:*:*:*:*", "matchCriteriaId": "6296CB47-CC05-4B19-B585-47B0B8CCBCEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_gold:7.74:*:*:*:*:*:*:*", "matchCriteriaId": "A92292B9-190F-4739-B1A4-F698DC1A414B", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_lite:*:*:*:*:*:*:*:*", "matchCriteriaId": "1EB47481-B5E5-4A16-A1BB-AE54B9DAFCC0", "versionEndIncluding": "2.78", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_lite:2.77:*:*:*:*:*:*:*", "matchCriteriaId": "9891C9AE-4771-425B-BC69-DFD9DD1EC15D", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:*:*:*:*:*:*:*:*", "matchCriteriaId": "6C4DE876-8E46-41B6-B5BC-486B1AB41BB7", "versionEndIncluding": "6.95", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.65:*:*:*:*:*:*:*", "matchCriteriaId": "B8A4F891-6BC3-4CFB-85C0-16D517471003", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.67:*:*:*:*:*:*:*", "matchCriteriaId": "1F1EE755-89E9-4A9C-936B-09FF21199242", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.68:*:*:*:*:*:*:*", "matchCriteriaId": "943123CD-C7BE-4DAE-B15B-ED0C8AF3CE91", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.69:*:*:*:*:*:*:*", "matchCriteriaId": "0ADEEE15-3B3D-4F02-AC08-F0225BC4796F", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.71:*:*:*:*:*:*:*", "matchCriteriaId": "03A7A0AA-146D-4E46-B91E-8A0F834C8389", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.72:*:*:*:*:*:*:*", "matchCriteriaId": "A69A1D73-13CB-4CA3-A9B0-E3FEEF7169A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.73:*:*:*:*:*:*:*", "matchCriteriaId": "B97B37AE-B7E4-4BC7-9416-D81B597A6570", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.81:*:*:*:*:*:*:*", "matchCriteriaId": "AE522273-5E82-4F3D-8444-27120CFB5AC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.82:*:*:*:*:*:*:*", "matchCriteriaId": "AAAE21ED-FA96-4C1D-B4B5-A53A6E0A5DBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.83:*:*:*:*:*:*:*", "matchCriteriaId": "A2C66F75-D9A7-4D0A-BE6A-43794E2216A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.85:*:*:*:*:*:*:*", "matchCriteriaId": "8F840ACB-2135-476C-A3FE-0E47DA783CDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.86:*:*:*:*:*:*:*", "matchCriteriaId": "CBA5B7B0-4FF8-4A0B-B3DA-4A18B2F9737E", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.87:*:*:*:*:*:*:*", "matchCriteriaId": "D4FA123C-F306-493E-8654-6F1DCAC13FA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.88:*:*:*:*:*:*:*", "matchCriteriaId": "1B1169E4-2D5D-4E97-BA4D-324CF22E3537", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.89:*:*:*:*:*:*:*", "matchCriteriaId": "0EE9EA11-CAB9-40F7-9370-52EBCC899688", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.91:*:*:*:*:*:*:*", "matchCriteriaId": "8544DE68-4397-4896-960B-A165CEC0BCEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.92:*:*:*:*:*:*:*", "matchCriteriaId": "030F6DFE-435A-4336-B109-3B852885B765", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.93:*:*:*:*:*:*:*", "matchCriteriaId": "369D9B53-A0AB-4BD4-B999-3F101F9DDAA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_pro:6.94:*:*:*:*:*:*:*", "matchCriteriaId": "7E1A3DE1-2A1C-4B01-B54B-96B20624C796", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D31537A-343E-49AC-B899-81BEEC4DA33B", "versionEndIncluding": "8.37", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.02:*:*:*:*:*:*:*", "matchCriteriaId": "7D93B9A5-8ECA-48E5-83FC-8BC18A9DEFF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.11:*:*:*:*:*:*:*", "matchCriteriaId": "D780330E-6E98-4B68-AA8C-DFD2F3A69DB8", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.21:*:*:*:*:*:*:*", "matchCriteriaId": "A7C13DAD-D135-4726-8B69-3E8C484F4E26", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.22:*:*:*:*:*:*:*", "matchCriteriaId": "E4C2839D-ED01-4D74-B4CC-193096F4380F", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.23:*:*:*:*:*:*:*", "matchCriteriaId": "BBF44AC0-C254-4530-8DAD-A3CB751D7715", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.24:*:*:*:*:*:*:*", "matchCriteriaId": "2749EFC0-CA16-4E4C-B874-DE1F3736F713", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.25:*:*:*:*:*:*:*", "matchCriteriaId": "EC10445F-6106-412F-B8B5-3780C31CCDDF", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.31:*:*:*:*:*:*:*", "matchCriteriaId": "1A2D684F-851B-4FD1-8722-B8D838853DBE", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.32:*:*:*:*:*:*:*", "matchCriteriaId": "4E6D9E30-ED22-4F1C-AABB-3C4C996AA8AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.33:*:*:*:*:*:*:*", "matchCriteriaId": "ED190E87-D032-4924-93D1-F8136BACC62D", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.34:*:*:*:*:*:*:*", "matchCriteriaId": "B5782A31-64CE-448C-9330-8EFF35BF6476", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.35:*:*:*:*:*:*:*", "matchCriteriaId": "D74B64ED-F2D6-4456-9063-1E4DCD6E1F3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:actualscripts:actualanalyzer_server:8.36:*:*:*:*:*:*:*", "matchCriteriaId": "EB220C92-1132-4A3B-83B7-20047C8D4054", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the language parameter."}, {"lang": "es", "value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en view.php de ActualScripts ActualAnalyzer Server 8.37 y versiones anteriores, ActualAnalyzer Gold 7.74 y versiones anteriores, ActualAnalyzer Pro 6.95 y versiones anteriores, y ActualAnalyzer Lite 2.78 permite a atacantes remotos inyectar web script o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro language."}], "id": "CVE-2008-2527", "lastModified": "2018-10-11T20:41:47.287", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-06-03T15:32:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30205"}, {"source": "cve@mitre.org", "url": "http://www.majorsecurity.de/index_2.php?major_rls=major_rls52"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/491982/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29177"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42367"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}