CVE-2013-1466

🗓️ 05 Feb 2014 15:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 59 Views🌐 WEB

CVE-2013-1466 Multiple XSS vulnerabilities in glFusion before 1.2.2.pl

Reporter	Title	Published	Views	Family All 13
0day.today	glFusion 1.2.2 Cross Site Scripting Vulnerability	21 Feb 201300:00	–	zdt
0day.today	glFusion 1.2.2 - Multiple XSS Vulnerabilities	21 Feb 201300:00	–	zdt
Cvelist	CVE-2013-1466	5 Feb 201415:00	–	cvelist
Exploit DB	glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities	21 Feb 201300:00	–	exploitdb
EUVD	EUVD-2013-1502	7 Oct 202500:30	–	euvd
exploitpack	glFusion 1.2.2 - Multiple Cross-Site Scripting Vulnerabilities	21 Feb 201300:00	–	exploitpack
htbridge	Multiple Cross-Site Scripting (XSS) in glFusion	30 Jan 201300:00	–	htbridge
NVD	CVE-2013-1466	5 Feb 201415:10	–	nvd
OpenVAS	glFusion Multiple Cross-Site Scripting Vulnerabilities	1 Mar 201300:00	–	openvas
Packet Storm	glFusion 1.2.2 Cross Site Scripting	21 Feb 201300:00	–	packetstorm

NVD

Node

glfusion glfusionRange≤1.2.2.pl3

glfusion glfusionMatch1.0.0

glfusion glfusionMatch1.0.0rc1

glfusion glfusionMatch1.0.0rc2

glfusion glfusionMatch1.0.1

glfusion glfusionMatch1.0.2

glfusion glfusionMatch1.1.0

glfusion glfusionMatch1.1.0rc1

glfusion glfusionMatch1.1.1

glfusion glfusionMatch1.1.2

glfusion glfusionMatch1.1.3

glfusion glfusionMatch1.1.4

glfusion glfusionMatch1.1.4.pl1

glfusion glfusionMatch1.1.4.pl2

glfusion glfusionMatch1.1.4.pl3

glfusion glfusionMatch1.1.4.pl4

glfusion glfusionMatch1.1.5

glfusion glfusionMatch1.1.5.pl1

glfusion glfusionMatch1.1.5.pl2

glfusion glfusionMatch1.1.5.pl3

glfusion glfusionMatch1.1.6

glfusion glfusionMatch1.1.6.pl1

glfusion glfusionMatch1.1.6.pl2

glfusion glfusionMatch1.1.6.pl3

glfusion glfusionMatch1.1.6.pl4

glfusion glfusionMatch1.1.7

glfusion glfusionMatch1.1.8

glfusion glfusionMatch1.1.8.pl1

glfusion glfusionMatch1.1.8.pl2

glfusion glfusionMatch1.1.8.pl3

glfusion glfusionMatch1.1.8.pl4

glfusion glfusionMatch1.1.8.pl5

glfusion glfusionMatch1.1.8.pl6

glfusion glfusionMatch1.2.0

glfusion glfusionMatch1.2.0.pl1

glfusion glfusionMatch1.2.0.pl2

glfusion glfusionMatch1.2.0.pl3

glfusion glfusionMatch1.2.0.pl4

glfusion glfusionMatch1.2.0.pl5

glfusion glfusionMatch1.2.0.pl6

glfusion glfusionMatch1.2.0.pl7

glfusion glfusionMatch1.2.2

glfusion glfusionMatch1.2.2.pl1

glfusion glfusionMatch1.2.2.pl2

Source	Link
archives	www.archives.neohapsis.com/archives/bugtraq/2013-02/0093.html
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/82211
glfusion	www.glfusion.org/article.php/glf122_update_20130130_01
packetstormsecurity	www.packetstormsecurity.com/files/120423/glFusion-1.2.2-Cross-Site-Scripting.html
htbridge	www.htbridge.com/advisory/HTB23142
secunia	www.secunia.com/advisories/52255
exploit-db	www.exploit-db.com/exploits/24536

Parameter	Position	Path	Description	CWE
subject	request body	profiles.php	XSS in profiles.php via subject POST parameter.	CWE-79
address1	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
address2	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
calendar_type	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
city	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
state	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
title	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
url	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
zipcode	request body	calendar/index.php	XSS in calendar/index.php via multiple POST parameters.	CWE-79
title	request body	links/index.php	XSS in links/index.php via title and url POST parameters.	CWE-79

16 Jun 2026 23:51Current

5.6Medium risk

Vulners AI Score5.6

CVSS 24.3

EPSS0.03775

CWE-79