{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-11-07T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07"}, {"name": "49659", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/49659"}, {"name": "32183", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/32183"}, {"tags": ["x_refsource_MISC"], "url": "http://holisticinfosec.org/content/view/91/45/"}, {"name": "silva-fulltext-xss(46427)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46427"}, {"name": "32585", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32585"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-5786", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07", "refsource": "CONFIRM", "url": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07"}, {"name": "49659", "refsource": "OSVDB", "url": "http://www.osvdb.org/49659"}, {"name": "32183", "refsource": "BID", "url": "http://www.securityfocus.com/bid/32183"}, {"name": "http://holisticinfosec.org/content/view/91/45/", "refsource": "MISC", "url": "http://holisticinfosec.org/content/view/91/45/"}, {"name": "silva-fulltext-xss(46427)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46427"}, {"name": "32585", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32585"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T11:04:44.496Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07"}, {"name": "49659", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/49659"}, {"name": "32183", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/32183"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://holisticinfosec.org/content/view/91/45/"}, {"name": "silva-fulltext-xss(46427)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46427"}, {"name": "32585", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32585"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-5786", "datePublished": "2008-12-31T11:00:00", "dateReserved": "2008-12-30T00:00:00", "dateUpdated": "2024-08-07T11:04:44.496Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:infrae:silva:1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "BDC5F3F4-193C-4008-89DE-2C57E4C11E53", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CADC1549-2548-4C5F-A6EE-9A8676E07F1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "37F28947-F4E3-4A18-A54F-8BCC8EFD81EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B2726264-675C-4B0D-99F0-EB5B98AE3D29", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8182A4CB-A9FC-44E0-A086-2F1C9B328D1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "8536FC3B-62A2-457B-AF5A-49019A02CC92", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F6CDB488-5AF8-4D9C-91DE-90771CE6C4E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1b1:*:*:*:*:*:*:*", "matchCriteriaId": "25F6946D-B16C-4A28-8421-C91C78EDC1E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.1b2:*:*:*:*:*:*:*", "matchCriteriaId": "8313F394-6B86-4921-AA79-02860A1CDDEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "6BA48537-123A-40D9-9E50-58DF27F09ABB", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D8A288B6-3D0A-4E24-A40D-34746E1D6D19", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "18905BD4-4F53-4C59-A7A5-E0EF31F36244", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "156E4C2A-0CCC-4C61-9C63-81F72FDA7C0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.2b1:*:*:*:*:*:*:*", "matchCriteriaId": "5F2F33F1-31B9-4A04-BD62-CCEF423EE28F", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4CF909D5-D106-4450-8911-37F0DD0C34E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.3b3:*:*:*:*:*:*:*", "matchCriteriaId": "EAADD71D-A56E-4E4E-A496-5413B66DFA0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "D522AEEA-DB52-49B5-83D5-5FAAD596B0A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "03AA8327-1387-40CA-A7AC-30D85102D3C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8EC75B1-DB7E-4948-B780-E6EDB01CD96B", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.4b1:*:*:*:*:*:*:*", "matchCriteriaId": "5A1118B0-5FA1-44D6-8A59-AB88CB6D7A8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4EE06BD-B6A6-4C15-A68C-996497E3ECB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9812465-443C-4705-9F33-2FD23E12C642", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "3AD67F52-03B2-4886-8B19-563345E82CEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "D82D2FE1-5002-4686-AD98-8D9BA5778B12", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "3190B8FE-FD30-4C94-83A6-FB1169205452", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "B50E02F1-D6A0-40B5-A596-A455A88C4EFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.7:*:*:*:*:*:*:*", "matchCriteriaId": "67FB8E64-3560-4939-BA09-87A24BF8FAB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "BC24C47E-ACB6-466B-BA9B-7FC161079A9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.9:*:*:*:*:*:*:*", "matchCriteriaId": "471A9E3D-23D7-4A24-8039-B9D4C0226886", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.10:*:*:*:*:*:*:*", "matchCriteriaId": "A48BA931-2717-41FD-BA2B-9B7D6B954259", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5.12:*:*:*:*:*:*:*", "matchCriteriaId": "608CC05A-F055-4AF2-93ED-30F41F3D88A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.5b1:*:*:*:*:*:*:*", "matchCriteriaId": "3AD570CC-8EF6-4E3C-8BE8-9C57F146E46B", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6:*:*:*:*:*:*:*", "matchCriteriaId": "4E38B353-669B-4F65-A6C1-1E453298E9CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "DFEFB8EC-8B60-4BDD-9755-10042D69C3B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "EB410E06-37EE-4D9D-AC71-CABAD5D3EE06", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "E99D1501-8085-4E5B-9A9A-D8B7124C2A3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6b3:*:*:*:*:*:*:*", "matchCriteriaId": "320F8CF2-7981-47D5-B960-8C97D67607A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:1.6b4:*:*:*:*:*:*:*", "matchCriteriaId": "A7580A86-49DC-49CE-AE2B-50FF562A2949", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "38AEC1A8-447D-410F-AFEA-EA8786778E7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "81E6291B-D5AA-4DDB-B90D-00EE3318950A", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8ACCAB7E-96D6-4058-B501-5C376A576295", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "E3AD7553-44B3-4495-B3FE-B36A8E12040E", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2D2220AD-1C3D-4E83-8D37-B1564D3E8C46", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4CFC90C8-2835-4779-A377-3B7D6822889B", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "09EA59F6-3532-4DF5-A6CB-CDBFDBA763E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "11186132-E216-4CD8-8ED2-B358C4030976", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "DCE2E90E-0CBF-4E7B-B219-862769BA7EA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "477275E1-70D8-43BE-B960-573106887EFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "01CC2C0A-9BB4-4D0A-A504-F8341CB9C0E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "61C67C3B-A090-49F0-8B0E-08EC9842E1D0", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0a1:*:*:*:*:*:*:*", "matchCriteriaId": "A4E0BB70-898D-496A-BB85-CE4B0632885F", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.0b1:*:*:*:*:*:*:*", "matchCriteriaId": "1A075B25-9069-4C15-A8DF-6442D1BCB1CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "EB9CE7E6-CF08-4040-A527-60783033D6C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.1a2:*:*:*:*:*:*:*", "matchCriteriaId": "EF1ABA33-1F5D-43B3-8143-BB3B76055FC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva:2.1b1:*:*:*:*:*:*:*", "matchCriteriaId": "A897EB3E-9491-497E-AA99-79D0FFDCBDE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:*:*:*:*:*:*:*:*", "matchCriteriaId": "38E26E3B-83BA-400A-A188-6DC5D73682EC", "versionEndIncluding": "1.1.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7689C4EF-7558-46AD-915E-07C909B99508", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AEC9A96D-2403-46E5-AEDC-3423F77F3492", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "56D294F5-D3F7-4C75-B259-754CFC511710", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "53DDCAC5-6B3C-41FA-AA11-525C5495112C", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "710020FE-9498-4503-AF78-5B26CEBAE272", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB5998AE-69F0-4684-9616-D5F5956A9E60", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "80BB915B-C41E-4CD8-9DC2-DA7AEDF9EBFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4A2E6603-3CC0-4DF5-B28D-C8AD90EF51D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "58FC3131-A342-47D6-AAF9-7EEE4C8A2E23", "vulnerable": true}, {"criteria": "cpe:2.3:a:infrae:silva_find:1.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "19287B1F-FFAA-4567-9863-1E3526BD52B3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Silva Find extension 1.1.5 and earlier in Silva 1.x before 1.6.3.2, Silva 2.0 before 2.0.12.2, and Silva 2.1 before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the fulltext parameter."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en la extensi\u00f3n Silva Find v1.1.5 y anteriores en Silva v1.x anterior a v1.6.3.2, Silva v2.0 anterior a v2.0.12.2, y Silva v2.1 anterior a v2.1.0.2, permite a atacantes remotos inyectar secuencias de comandos web y HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"fulltext\"."}], "id": "CVE-2008-5786", "lastModified": "2017-08-08T01:33:32.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-12-31T11:30:00.280", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://holisticinfosec.org/content/view/91/45/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32585"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.infrae.com/newsitems/silva_security_bulletin_08-11-07"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/49659"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/32183"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46427"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}