2 matches found
CVE-2013-1642
Multiple cross-site scripting XSS vulnerabilities in QuiXplorer before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 dir, 2 item, 3 order, 4 searchitem, 5 selitems, or 6 srt parameter to index.php or 7 the QUERYSTRING to index.php...
CVE-2013-1642
QuiXplorer (before 2.5.5) is affected by multiple XSS vulnerabilities. The issue enables remote attackers to inject arbitrary web script or HTML via parameters (dir, item, order, searchitem, selitems[], srt) to index.php or via QUERY_STRING. Impact includes possible client-side script execution; ...