Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2013-2204
HistoryJul 08, 2013 - 8:55 p.m.

Spoofing

2013-07-0820:55:00
PRIOn knowledge base
www.prio-n.com
7

7.1 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.5%

JSON

moxieplayer.as in Moxiecode moxieplayer, as used in the TinyMCE Media plugin in WordPress before 3.5.2 and other products, does not consider the presence of a # (pound sign) character during extraction of the QUERY_STRING, which allows remote attackers to pass arbitrary parameters to a Flash application, and conduct content-spoofing attacks, via a crafted string after a ? (question mark) character.

Related

cvelist 1
ubuntucve 1
cve 1
patchstack 1
debiancve 1
freebsd 1
nessus 8
fedora 8
securityvulns 2
openvas 15
mageia 1
osv 1
debian 1
cvelist
cvelist
CVE-2013-2204
2013-07-08 20:00:00
ubuntucve
ubuntucve
CVE-2013-2204
2013-07-08 00:00:00
cve
cve
CVE-2013-2204
2013-07-08 20:55:00
patchstack
patchstack
WordPress TinyMCE Media Plugin <= 3.5.1 - Content Spoofing
2013-02-19 00:00:00
debiancve
debiancve
CVE-2013-2204
2013-07-08 20:55:00
freebsd
freebsd
wordpress -- multiple vulnerabilities
2013-06-21 00:00:00
nessus
nessus
FreeBSD : wordpress -- multiple vulnerabilities (049332d2-f6e1-11e2-82f3-000c29ee3065)
2013-07-28 00:00:00
Fedora 18 : wordpress-3.5.2-1.fc18 (2013-11630)
2013-07-12 00:00:00
WordPress < 3.5.2 Multiple Vulnerabilities
2013-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: wordpress-3.5.2-1.fc19
2013-07-03 01:36:05
[SECURITY] Fedora 19 Update: wordpress-3.6.1-1.fc19
2013-09-26 06:04:43
[SECURITY] Fedora 18 Update: wordpress-3.5.2-1.fc18
2013-07-03 01:37:44
securityvulns
securityvulns
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2013-07-08 00:00:00
[SECURITY] [DSA 2718-1] wordpress security update
2013-07-08 00:00:00
openvas
openvas
Fedora Update for wordpress FEDORA-2013-11590
2013-08-20 00:00:00
Fedora Update for wordpress FEDORA-2013-11590
2013-08-20 00:00:00
Debian: Security Advisory (DSA-2718-1)
2013-06-30 00:00:00
mageia
mageia
Updated wordpress package fixes security vulnerabilities
2013-07-01 23:19:24
osv
osv
wordpress - several
2013-07-01 00:00:00
debian
debian
[SECURITY] [DSA 2718-1] wordpress security update
2013-07-02 19:51:57

7.1 High

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.006 Low

EPSS

Percentile

77.5%

JSON
Related for PRION:CVE-2013-2204
cvelist1ubuntucve1cve1patchstack1debiancve1freebsd1nessus8fedora8securityvulns2openvas15mageia1osv1debian1