CVE-2013-1466

🗓️ 05 Feb 2014 15:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 52 Views🌐 WEB

CVE-2013-1466 Multiple XSS vulnerabilities in glFusion before 1.2.2.pl

Reporter	Title	Published	Views	Family All 13
0day.today	glFusion 1.2.2 Cross Site Scripting Vulnerability	21 Feb 201300:00	–	zdt
0day.today	glFusion 1.2.2 - Multiple XSS Vulnerabilities	21 Feb 201300:00	–	zdt
Cvelist	CVE-2013-1466	5 Feb 201415:00	–	cvelist
Exploit DB	glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities	21 Feb 201300:00	–	exploitdb
EUVD	EUVD-2013-1502	7 Oct 202500:30	–	euvd
exploitpack	glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities	21 Feb 201300:00	–	exploitpack
htbridge	Multiple Cross-Site Scripting (XSS) in glFusion	30 Jan 201300:00	–	htbridge
NVD	CVE-2013-1466	5 Feb 201415:10	–	nvd
OpenVAS	glFusion Multiple Cross-Site Scripting Vulnerabilities	1 Mar 201300:00	–	openvas
Packet Storm	glFusion 1.2.2 Cross Site Scripting	21 Feb 201300:00	–	packetstorm

NVD

Node

glfusion glfusionRange≤1.2.2.pl3

glfusion glfusionMatch1.0.0

glfusion glfusionMatch1.0.0rc1

glfusion glfusionMatch1.0.0rc2

glfusion glfusionMatch1.0.1

glfusion glfusionMatch1.0.2

glfusion glfusionMatch1.1.0

glfusion glfusionMatch1.1.0rc1

glfusion glfusionMatch1.1.1

glfusion glfusionMatch1.1.2

glfusion glfusionMatch1.1.3

glfusion glfusionMatch1.1.4

glfusion glfusionMatch1.1.4.pl1

glfusion glfusionMatch1.1.4.pl2

glfusion glfusionMatch1.1.4.pl3

glfusion glfusionMatch1.1.4.pl4

glfusion glfusionMatch1.1.5

glfusion glfusionMatch1.1.5.pl1

glfusion glfusionMatch1.1.5.pl2

glfusion glfusionMatch1.1.5.pl3

glfusion glfusionMatch1.1.6

glfusion glfusionMatch1.1.6.pl1

glfusion glfusionMatch1.1.6.pl2

glfusion glfusionMatch1.1.6.pl3

glfusion glfusionMatch1.1.6.pl4

glfusion glfusionMatch1.1.7

glfusion glfusionMatch1.1.8

glfusion glfusionMatch1.1.8.pl1

glfusion glfusionMatch1.1.8.pl2

glfusion glfusionMatch1.1.8.pl3

glfusion glfusionMatch1.1.8.pl4

glfusion glfusionMatch1.1.8.pl5

glfusion glfusionMatch1.1.8.pl6

glfusion glfusionMatch1.2.0

glfusion glfusionMatch1.2.0.pl1

glfusion glfusionMatch1.2.0.pl2

glfusion glfusionMatch1.2.0.pl3

glfusion glfusionMatch1.2.0.pl4

glfusion glfusionMatch1.2.0.pl5

glfusion glfusionMatch1.2.0.pl6

glfusion glfusionMatch1.2.0.pl7

glfusion glfusionMatch1.2.2

glfusion glfusionMatch1.2.2.pl1

glfusion glfusionMatch1.2.2.pl2

Source	Link
archives	www.archives.neohapsis.com/archives/bugtraq/2013-02/0093.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/82211
glfusion	www.glfusion.org/article.php/glf122_update_20130130_01
packetstormsecurity	www.packetstormsecurity.com/files/120423/glFusion-1.2.2-Cross-Site-Scripting.html
htbridge	www.htbridge.com/advisory/HTB23142
secunia	www.secunia.com/advisories/52255
exploit-db	www.exploit-db.com/exploits/24536

Parameter	Position	Path	Description	CWE
subject	request body	profiles.php	XSS via subject parameter in profiles.php POST data	CWE-79
address1	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
calendar_type	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
city	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
state	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
title	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
url	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
zipcode	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
address2	request body	calendar/index.php	XSS via multiple POST parameters in calendar/index.php	CWE-79
title	request body	links/index.php	XSS via title and url POST parameters in links/index.php	CWE-79

29 Apr 2026 01:13Current

5.6Medium risk

Vulners AI Score5.6

CVSS 24.3

EPSS0.08713

CWE-79