Lucene search
K

70 matches found

CVE
CVE
added 2014/06/18 2:0 p.m.75 views

CVE-2014-3877

CVE-2014-3877 affects Frams"e; Fast File EXchange (F*EX, fex) prior to fex-20140530. The issue is an incomplete blacklist that allows remote XSS via the addto parameter to fup. Connected advisories confirm multiple vendors/publications (e.g., Debian DLA-68-1) documenting fex exposure and release ...

4.3CVSS5.8AI score0.01914EPSS
Exploits3References3Affected Software1
Debian CVE
Debian CVE
added 2014/06/18 2:0 p.m.36 views

CVE-2014-3876

Multiple cross-site scripting XSS vulnerabilities in Frams' Fast File EXchange FEX, aka fex before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the 1 akey parameter to rup or 2 disclaimer or 3 gm parameter to fuc...

4.3CVSS5.7AI score0.01914EPSS
Exploits3
securityvulns
securityvulns
added 2014/06/14 12:0 a.m.89 views

LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 === LSE Leading Security Experts GmbH - Security Advisory 2014-05-22 === FEX Frams' Fast File EXchange - Multiple Issues - - --------------------------------------------------------------------- Affected Versions ================= FEX Frams' Fast File...

4.3CVSS6.2AI score0.01914EPSS
Exploits5
NVD
NVD
added 2012/09/25 11:55 p.m.18 views

CVE-2012-1293

Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...

4.3CVSS5.7AI score0.02564EPSS
Exploits1References10
OSV
OSV
added 2012/09/25 11:55 p.m.12 views

CVE-2012-0869

Cross-site scripting XSS vulnerability in fup in Frams' Fast File EXchange FEX, aka fex before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

5.5AI score
Exploits0References11
OSV
OSV
added 2012/09/25 11:55 p.m.11 views

CVE-2012-1293

Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...

5.6AI score
Exploits0References10
OSV
OSV
added 2012/09/25 11:55 p.m.3 views

DEBIAN-CVE-2012-1293

Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...

4.3CVSS5.8AI score0.02564EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2012/09/25 11:55 p.m.37 views

CVE-2012-1293

Multiple cross-site scripting XSS vulnerabilities in fup in Frams' Fast File EXchange FEX, aka fex before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the 1 to or 2 from parameters...

4.3CVSS5.9AI score0.02564EPSS
Exploits1References1
CVE
CVE
added 2012/09/25 11:0 p.m.78 views

CVE-2012-0869

CVE-2012-0869 concerns FEX (Frams’ Fast File Exchange) via the vulnerable fup script. The issue is a Cross-Site Scripting (XSS) vulnerability exploitable through the id parameter, due to insufficient input sanitization. Affected product: F EX’s web service (fex) and its fup component, prior to 20...

4.3CVSS5.5AI score0.04852EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2012/09/25 11:0 p.m.20 views

CVE-2012-0869

Cross-site scripting XSS vulnerability in fup in Frams' Fast File EXchange FEX, aka fex before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter...

4.3CVSS5.5AI score0.04852EPSS
Exploits0
ThreatPost
ThreatPost
added 2012/09/05 2:27 p.m.12 views

Qubes OS Release Enhances Security Via Domain Isolation

With the deluge of malware and advanced attacks continuing unabated, security approaches that sandbox applications or isolate processes are garnering increased attention. Researcher Joanna Rutkowska and Invisible Things Lab were the latest to go in that direction with the official release on...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2012/02/22 12:0 a.m.72 views

F*EX 20111129-2 Cross Site Scripting Vulnerability

------------------------------------------------------------------------ FEX 20111129-2 Cross Site Scripting Vulnerability ------------------------------------------------------------------------ title.............: FEX 20111129-2 Cross Site Scripting Vulnerabilities author............: muuratsal...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2012/02/20 12:0 a.m.29 views

F*EX 20100208 Cross Site Scripting

------------------------------------------------------------------------ FEX = 20100208 Cross Site Scripting Vulnerabilities ------------------------------------------------------------------------ title.............: FEX = 20100208 Cross Site Scripting Vulnerabilities author............:...

0.2AI score
Exploits0
NVD
NVD
added 2011/06/24 8:55 p.m.16 views

CVE-2011-1409

Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...

5CVSS7AI score0.02289EPSS
Exploits0References5
OSV
OSV
added 2011/06/24 8:55 p.m.6 views

CVE-2011-1409

Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...

6.9AI score
Exploits0References5
Prion
Prion
added 2011/06/24 8:55 p.m.10 views

Authentication flaw

Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...

5CVSS7.5AI score0.02289EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2011/06/24 8:0 p.m.51 views

CVE-2011-1409

CVE-2011-1409 affects Frams’s Fast File EXchange (F*EX, fex). The vulnerability allows an unauthenticated remote attacker to bypass authentication and upload arbitrary files via a request that omits an authentication ID, potentially impacting confidentiality and integrity. The issue is documented...

5CVSS7.1AI score0.02289EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2011/06/24 8:0 p.m.17 views

CVE-2011-1409

Frams's Fast File EXchange FEX, aka fex 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID...

6.9AI score0.02289EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2009/07/08 12:0 a.m.24 views

Big Sister File Exchange Server 0.03 Disclosure

Application Name : Big Sister File Exchange Server 0.03 Vulnerable Type : Arbitrary Db Config Download Vulnerability Infection : SQL Info Get... Author : Septemb0x Script Down.& WebSite : http://sourceforge.net/projects/bigsifes/files/bigsifes/bigsifes-0.03.tgz EXPLOIT : http://target/path/config...

7.4AI score
Exploits0
Fedora
Fedora
added 2009/03/16 7:39 p.m.27 views

[SECURITY] Fedora 9 Update: mldonkey-3.0.0-1.fc9

MLDonkey is a door to the 'donkey' network, a decentralized network used to exchange big files on the Internet. It is written in a wonderful language, called Objective-Caml, and present most features of the basic Windows donkey client, plus some more: - It should work on most UNIX-compatible...

5CVSS0.8AI score0.05803EPSS
Exploits0
Rows per page
Query Builder