EUVD-2014-3812

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Remote attackers can use the addto parameter in Fast File Exchange for cross-site scripting attacks.

Reporter	Title	Published	Views	Family All 18
0day.today	F*EX 20140313-1 HTTP Response Splitting / Cross Site Scripting	5 Jun 201400:00	–	zdt
Circl	CVE-2014-3875	28 Feb 202417:07	–	circl
CVE	CVE-2014-3875	27 Nov 201918:35	–	cve
Cvelist	CVE-2014-3875	27 Nov 201918:35	–	cvelist
Debian	[SECURITY] [DLA 68-1] fex security update	30 Sep 201420:33	–	debian
Debian CVE	CVE-2014-3875	27 Nov 201918:35	–	debiancve
Tenable Nessus	Debian DLA-68-1 : fex security update	26 Mar 201500:00	–	nessus
NVD	CVE-2014-3875	27 Nov 201919:15	–	nvd
OpenVAS	Frams&qt Fast File EXchange Multiple Vulnerabilities	4 Jul 201400:00	–	openvas
OpenVAS	Debian: Security Advisory (DLA-68-1)	8 Mar 202300:00	–	openvas

[
  {
    "enisaIdVendor": [
      {
        "id": "5f10e35c-0016-3faf-9fd2-9e0bc5c214e8",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "b997ac9a-b9b7-3956-85cf-22f5f74a481b",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2014-3875
packetstormsecurity	www.packetstormsecurity.com/files/126906/F-EX-20140313-1-HTTP-Response-Splitting-Cross-Site-Scripting.html
security-tracker	www.security-tracker.debian.org/tracker/CVE-2014-3875
openwall	www.openwall.com/lists/oss-security/2014/06/03/6
seclists	www.seclists.org/fulldisclosure/2014/Jun/1
securityfocus	www.securityfocus.com/bid/67783
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.1Medium risk

Vulners AI Score6.1

CVSS 3.16.1

CVSS 24.3

EPSS0.00789