{"api_version":"1","generated_at":"2026-04-24T09:42:18+00:00","cve":"CVE-2011-5205","urls":{"html":"https://cve.report/CVE-2011-5205","api":"https://cve.report/api/cve/CVE-2011-5205.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2011-5205","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2011-5205"},"summary":{"title":"CVE-2011-5205","description":"Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2012-10-04 17:55:00","updated_at":"2017-08-29 01:30:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"http://packetstormsecurity.org/files/108239/rapidleech-xss.txt","name":"http://packetstormsecurity.org/files/108239/rapidleech-xss.txt","refsource":"MISC","tags":["Exploit"],"title":"Rapidleech Cross Site Scripting ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72071","name":"rapidleech-audl-xss(72071)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/47434","name":"47434","refsource":"SECUNIA","tags":["Vendor Advisory"],"title":"Rapidleech Cross-Site Scripting and Script Insertion Vulnerabilities - Secunia.com","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/51215","name":"51215","refsource":"BID","tags":[],"title":"RapidLeech 'audl.php' Cross Site Scripting Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2011-5205","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-5205","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"2.3","cpe7":"rev42_svn_r358","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"2.3","cpe7":"v42_svn322","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"rev36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"2.3","cpe7":"rev42_svn_r358","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"2.3","cpe7":"v42_svn322","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"rev36","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2011","cve_id":"5205","vulnerable":"1","versionEndIncluding":"2.3","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"rapidleech","cpe5":"rapidleech","cpe6":"*","cpe7":"rev43_svn_r397","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2011-5205","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"rapidleech-audl-xss(72071)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72071"},{"name":"51215","refsource":"BID","url":"http://www.securityfocus.com/bid/51215"},{"name":"47434","refsource":"SECUNIA","url":"http://secunia.com/advisories/47434"},{"name":"http://packetstormsecurity.org/files/108239/rapidleech-xss.txt","refsource":"MISC","url":"http://packetstormsecurity.org/files/108239/rapidleech-xss.txt"}]}},"nvd":{"publishedDate":"2012-10-04 17:55:00","lastModifiedDate":"2017-08-29 01:30:00","problem_types":["CWE-79"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rapidleech:rapidleech:*:rev43_svn_r397:*:*:*:*:*:*","versionEndIncluding":"2.3","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rapidleech:rapidleech:rev36:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rapidleech:rapidleech:2.3:rev42_svn_r358:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:rapidleech:rapidleech:2.3:v42_svn322:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2011","CveId":"5205","Ordinal":"58307","Title":"CVE-2011-5205","CVE":"CVE-2011-5205","Year":"2011"},"notes":[{"CveYear":"2011","CveId":"5205","Ordinal":"1","NoteData":"Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r397, and earlier allows remote attackers to inject arbitrary web script or HTML via the links parameter.","Type":"Description","Title":null},{"CveYear":"2011","CveId":"5205","Ordinal":"2","NoteData":"2012-10-04","Type":"Other","Title":"Published"},{"CveYear":"2011","CveId":"5205","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}