Lucene search
K

8 matches found

NVD
NVD
added 2014/05/23 2:55 p.m.18 views

CVE-2013-2712

Cross-site scripting XSS vulnerability in services/getarticle.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

4.3CVSS5.6AI score0.01826EPSS
Exploits5References5
Cvelist
Cvelist
added 2014/05/23 2:0 p.m.23 views

CVE-2013-2712

Cross-site scripting XSS vulnerability in services/getarticle.php in KrisonAV CMS before 3.0.2 allows remote attackers to inject arbitrary web script or HTML via the content parameter...

5.6AI score0.01826EPSS
Exploits5References5
CVE
CVE
added 2014/05/23 2:0 p.m.65 views

CVE-2013-2712

KrisonAV CMS is affected by CVE-2013-2712 (XSS) in the /services/get_article.php endpoint, where user-supplied data passed via the content parameter can execute arbitrary script/HTML in a victim user’s browser. The vulnerability affects KrisonAV CMS prior to version 3.0.2 and arises from insuffic...

4.3CVSS5.6AI score0.01826EPSS
Exploits5References5Affected Software1
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.140 views

Multiple Vulnerabilities in KrisonAV CMS

Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...

6.8CVSS6.6AI score0.01826EPSS
Exploits6
exploitpack
exploitpack
added 2013/04/18 12:0 a.m.57 views

KrisonAV CMS 3.0.1 - Multiple Vulnerabilities

KrisonAV CMS 3.0.1 - Multiple Vulnerabilities Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013...

6.8CVSS0.5AI score0.01826EPSS
Exploits6
Exploit DB
Exploit DB
added 2013/04/18 12:0 a.m.52 views

KrisonAV CMS 3.0.1 - Multiple Vulnerabilities

Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...

6.8CVSS6.4AI score0.01826EPSS
Exploits6
Packet Storm
Packet Storm
added 2013/04/17 12:0 a.m.68 views

KrisonAV CMS 3.0.1 CSRF / Cross Site Scripting

Advisory ID: HTB23150 Product: KrisonAV CMS Vendor: http://www.krisonav.com Vulnerable Versions: 3.0.1 and probably prior Tested Version: 3.0.1 Vendor Notification: March 27, 2013 Vendor Patch: March 31, 2013 Public Disclosure: April 17, 2013 Vulnerability Type: Cross-Site Scripting CWE-79,...

6.8CVSS0.1AI score0.01826EPSS
Exploits6
htbridge
htbridge
added 2013/03/27 12:0 a.m.47 views

Multiple Vulnerabilities in KrisonAV CMS

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in KrisonAV CMS, which can be exploited to perform cross-site scripting and cross-site request forgery attacks. 1 Cross-Site Scripting XSS vulnerability in KrisonAV CMS: CVE-2013-2712 The vulnerability exists due to...

5.1CVSS6.3AI score0.01826EPSS
Exploits6Affected Software1
Rows per page
Query Builder