Lucene search

CVE-2013-6224

🗓️ 10 Dec 2013 16:19:11Reported by mitreType

cve🔗 web.nvd.nist.gov👁 43 Views🌐 WEB

Multiple XSS vulnerabilities in LiveZilla before 5.1.1.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Prion	Cross site scripting	10 Dec 201316:11	–	prion
Packet Storm	LiveZilla Cross Site Scripting	29 Nov 201300:00	–	packetstorm
Cvelist	CVE-2013-6224	10 Dec 201316:00	–	cvelist
NVD	CVE-2013-6224	10 Dec 201316:11	–	nvd
OpenVAS	LiveZilla 'g_language' Parameter Cross Site Scripting Vulnerability	17 Dec 201300:00	–	openvas
Tenable Nessus	LiveZilla < 5.1.1.0 Multiple Vulnerabilities	14 Dec 201300:00	–	nessus

Nvd

Node

livezilla livezillaRange≤5.1.0.0

livezilla livezillaMatch3.1.8.3

livezilla livezillaMatch3.2.0.2

livezilla livezillaMatch4.0.1.0

livezilla livezillaMatch4.0.1.1

livezilla livezillaMatch4.0.1.2

livezilla livezillaMatch4.1.0.3

livezilla livezillaMatch4.1.0.4

livezilla livezillaMatch4.2.0.4

livezilla livezillaMatch4.2.0.5

livezilla livezillaMatch5.0.1.0

livezilla livezillaMatch5.0.1.1

livezilla livezillaMatch5.0.1.2

livezilla livezillaMatch5.0.1.3

livezilla livezillaMatch5.0.1.4

Source	Link
cureblog	www.cureblog.de/2013/12/cve-2013-6224-cross-site-scripting-in-livezilla
livezilla	www.livezilla.net/board/index.php
osvdb	www.osvdb.org/100401
packetstormsecurity	www.packetstormsecurity.com/files/124222
osvdb	www.osvdb.org/100402
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/89315
seclists	www.seclists.org/fulldisclosure/2013/Nov/208
osvdb	www.osvdb.org/100399

Parameter	Position	Path	Description	CWE
name	request body	/path/to/admin/feature	Cross-site scripting (XSS) vulnerability through input in the call administrator feature.	CWE-79
unspecified	request body	/path/to/admin/visitor/information	Cross-site scripting (XSS) vulnerability allowing modification of the admin's view via visitor information panel.	CWE-79
text message	request body	/path/to/chat/session/archive	Cross-site scripting (XSS) vulnerability in chat session allowing execution of code when viewing archive.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Dec 2013 16:11Current

5.6Medium risk

Vulners AI Score5.6

CVSS24.3

EPSS0.00445

CWE-79