{"api_version":"1","generated_at":"2026-04-25T11:39:03+00:00","cve":"CVE-2005-0307","urls":{"html":"https://cve.report/CVE-2005-0307","api":"https://cve.report/api/cve/CVE-2005-0307.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-0307","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-0307"},"summary":{"title":"CVE-2005-0307","description":"Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-01-25 05:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.3","severity":"","vector":"AV:N/AC:M/Au:N/C:N/I:P/A:N","data":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"}}],"references":[{"url":"http://marc.info/?l=bugtraq&m=110661795632354&w=2","name":"http://marc.info/?l=bugtraq&m=110661795632354&w=2","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"'Multiple vulnerabilities in MercuryBoard 1.1.1' - MARC","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19050","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19050","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/12359","name":"http://www.securityfocus.com/bid/12359","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"MercuryBoard Multiple Input Validation Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-0307","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0307","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"307","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mercuryboard","cpe5":"mercuryboard","cpe6":"1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2005","cve_id":"307","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mercuryboard","cpe5":"mercuryboard","cpe6":"1.1.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T21:05:25.597Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"20050124 Multiple vulnerabilities in MercuryBoard 1.1.1","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=110661795632354&w=2"},{"name":"mercuryboard-multiple-scripts-xss(19050)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19050"},{"name":"12359","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/12359"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-01-24T00:00:00.000Z","descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-10T14:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"20050124 Multiple vulnerabilities in MercuryBoard 1.1.1","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://marc.info/?l=bugtraq&m=110661795632354&w=2"},{"name":"mercuryboard-multiple-scripts-xss(19050)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19050"},{"name":"12359","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/12359"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-0307","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"20050124 Multiple vulnerabilities in MercuryBoard 1.1.1","refsource":"BUGTRAQ","url":"http://marc.info/?l=bugtraq&m=110661795632354&w=2"},{"name":"mercuryboard-multiple-scripts-xss(19050)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19050"},{"name":"12359","refsource":"BID","url":"http://www.securityfocus.com/bid/12359"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-0307","datePublished":"2005-02-10T05:00:00.000Z","dateReserved":"2005-02-10T00:00:00.000Z","dateUpdated":"2024-08-07T21:05:25.597Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-01-25 05:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mercuryboard:mercuryboard:1.1:*:*:*:*:*:*:*","matchCriteriaId":"52E42E9E-1C19-4ABE-99DA-A88B4D5C533D"},{"vulnerable":true,"criteria":"cpe:2.3:a:mercuryboard:mercuryboard:1.1.1:*:*:*:*:*:*:*","matchCriteriaId":"2473C711-A505-43C7-81B4-48EE7D32395C"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"307","Ordinal":"1","Title":"CVE-2005-0307","CVE":"CVE-2005-0307","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"307","Ordinal":"1","NoteData":"Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters.","Type":"Description","Title":"CVE-2005-0307"},{"CveYear":"2005","CveId":"307","Ordinal":"2","NoteData":"2005-02-10","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"307","Ordinal":"3","NoteData":"2017-07-10","Type":"Other","Title":"Modified"}]}}}