Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2010-4405
Deferred
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-06 Dec, 2010 | 13:37
Updated At-11 Apr, 2025 | 00:51

Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:N
CPE Matches
anything-digital
anything-digital
>>sh404sef>>Versions up to 2.1.7.761(inclusive)
cpe:2.3:a:anything-digital:sh404sef:*:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.2.255
cpe:2.3:a:anything-digital:sh404sef:1.5.2.255:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.3.296
cpe:2.3:a:anything-digital:sh404sef:1.5.3.296:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.4.302
cpe:2.3:a:anything-digital:sh404sef:1.5.4.302:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.5.388
cpe:2.3:a:anything-digital:sh404sef:1.5.5.388:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.6.398
cpe:2.3:a:anything-digital:sh404sef:1.5.6.398:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.7.407
cpe:2.3:a:anything-digital:sh404sef:1.5.7.407:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.8.432
cpe:2.3:a:anything-digital:sh404sef:1.5.8.432:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.9.434
cpe:2.3:a:anything-digital:sh404sef:1.5.9.434:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.10.446
cpe:2.3:a:anything-digital:sh404sef:1.5.10.446:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.11.459
cpe:2.3:a:anything-digital:sh404sef:1.5.11.459:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>1.5.12.464
cpe:2.3:a:anything-digital:sh404sef:1.5.12.464:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.0.0
cpe:2.3:a:anything-digital:sh404sef:2.0.0:rc522:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.0.1.531
cpe:2.3:a:anything-digital:sh404sef:2.0.1.531:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.0.2.542
cpe:2.3:a:anything-digital:sh404sef:2.0.2.542:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.0.3.545
cpe:2.3:a:anything-digital:sh404sef:2.0.3.545:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.0.641
cpe:2.3:a:anything-digital:sh404sef:2.1.0.641:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.1.644
cpe:2.3:a:anything-digital:sh404sef:2.1.1.644:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.2.649
cpe:2.3:a:anything-digital:sh404sef:2.1.2.649:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.3.680
cpe:2.3:a:anything-digital:sh404sef:2.1.3.680:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.4.734
cpe:2.3:a:anything-digital:sh404sef:2.1.4.734:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.5.746
cpe:2.3:a:anything-digital:sh404sef:2.1.5.746:*:*:*:*:*:*:*
anything-digital
anything-digital
>>sh404sef>>2.1.6.749
cpe:2.3:a:anything-digital:sh404sef:2.1.6.749:*:*:*:*:*:*:*
Joomla!
joomla
>>joomla\!>>*
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
CWE ID: CWE-79
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/cve@mitre.org
N/A
http://secunia.com/advisories/42430cve@mitre.org
Vendor Advisory
http://twitter.com/jeffchannell/status/8603529560195072cve@mitre.org
N/A
http://www.securityfocus.com/bid/45135cve@mitre.org
N/A
http://dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/42430af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://twitter.com/jeffchannell/status/8603529560195072af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/45135af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/42430
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://twitter.com/jeffchannell/status/8603529560195072
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/45135
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/42430
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://twitter.com/jeffchannell/status/8603529560195072
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/45135
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found