{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T00:08:04.926","vulnerabilities":[{"cve":{"id":"CVE-2005-4307","sourceIdentifier":"cve@mitre.org","published":"2005-12-17T00:03:00.000","lastModified":"2026-06-16T22:18:33.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in ScareCrow 2.13 and earlier allows remote attackers to inject arbitrary web script or HTML via the forum parameter to (1) forum.cgi and (2) post.cgi, or (3) the user parameter to profile.cgi."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:*:*:*:*:*:*:*:*","versionEndIncluding":"2.13","matchCriteriaId":"27D30048-7E23-4638-942E-454F8517CC16"},{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:2.00_beta:*:*:*:*:*:*:*","matchCriteriaId":"D747DA86-8D2F-411A-8A35-47D2618A1051"},{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:2.01_beta:*:*:*:*:*:*:*","matchCriteriaId":"0C897F81-C4D5-4978-9C86-B0BE3B6DAA5A"},{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:2.10:*:*:*:*:*:*:*","matchCriteriaId":"9AD21775-51E8-4750-B530-53CE76B897E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:2.11:*:*:*:*:*:*:*","matchCriteriaId":"A935DBD1-E9E7-4698-8813-28CC241E85B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:jonathan_bravata:scarecrow:2.12:*:*:*:*:*:*:*","matchCriteriaId":"67AB3ACD-8E9A-437E-B7F8-2A8123EA12E9"}]}]}],"references":[{"url":"http://pridels0.blogspot.com/2005/12/scarecrow-message-board-xss-vuln.html","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/18084","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/21777","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/21778","source":"cve@mitre.org"},{"url":"http://www.osvdb.org/21779","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/15915","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://www.vupen.com/english/advisories/2005/2937","source":"cve@mitre.org"},{"url":"http://pridels0.blogspot.com/2005/12/scarecrow-message-board-xss-vuln.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/18084","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.osvdb.org/21777","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/21778","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.osvdb.org/21779","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/15915","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.vupen.com/english/advisories/2005/2937","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}