Lucene search
CVE-2013-7368
Multiple XSS vulnerabilities in Gnew 2013.
Show more
| Reporter | Title | Published | Views | Family All 4 |
|---|---|---|---|---|
 | Cross site scripting | 15 Apr 201423:13 | – | prion |
 | CVE-2013-7368 | 15 Apr 201417:00 | – | cvelist |
 | CVE-2013-7368 | 15 Apr 201423:13 | – | nvd |
 | Gnew <= 2013.1 Multiple Vulnerabilities - Active Check | 17 Oct 201300:00 | – | openvas |
Node
| Source | Link |
|---|---|
| zeroscience | www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5153.php |
| securityfocus | www.securityfocus.com/bid/61721 |
| netsparker | www.netsparker.com/critical-xss-sql-injection-vulnerabilities-gnew/ |
| packetstormsecurity | www.packetstormsecurity.com/files/122771 |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| gnew_template | query param | users/profile.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the gnew_template parameter. | CWE-79 |
| gnew_template | query param | articles/index.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the gnew_template parameter. | CWE-79 |
| gnew_template | query param | admin/polls.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the gnew_template parameter. | CWE-79 |
| category_id | query param | news/submit.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the category_id parameter. | CWE-79 |
| news_id | query param | news/send.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the news_id parameter. | CWE-79 |
| news_id | query param | comments/add.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the news_id parameter. | CWE-79 |
| post_subject | query param | posts/edit.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the post_subject parameter. | CWE-79 |
| thread_id | query param | posts/edit.php | Cross-Site Scripting (XSS) vulnerability allowing script injection via the thread_id parameter. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo15 Apr 2014 23:13Current
5.9Medium risk
Vulners AI Score5.9
CVSS24.3
EPSS0.04379