Unrated severityNVD Advisory· Published May 29, 2004· Updated Jun 16, 2026
CVE-2004-2040
CVE-2004-2040
Description
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.615 allow remote attackers to inject arbitrary web script or HTML via the (1) LAN_407 parameter to clock_menu.php, (2) "email article to a friend" field, (3) "submit news" field, or (4) avmsg parameter to usersettings.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
12- secunia.com/advisories/11740nvdPatchVendor Advisory
- www.securityfocus.com/bid/10436nvdExploitVendor Advisory
- www.waraxe.us/index.phpnvdExploitVendor Advisory
- www.osvdb.org/6526nvdVendor Advisory
- www.osvdb.org/6527nvdVendor Advisory
- www.osvdb.org/6528nvdVendor Advisory
- marc.infonvd
- marc.infonvd
- www.osvdb.org/6529nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16279nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16280nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16281nvd
News mentions
0No linked articles in our index yet.