Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:12 a.m.12 views

CVE-2013-4899

Cross-site scripting XSS vulnerability in Twilight CMS 5.17 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATHINFO to the gallery/ page...

4.3CVSS6AI score0.01193EPSS
Exploits3References1
CVE
CVE
added 2013/09/09 5:0 p.m.55 views

CVE-2013-4899

CVE-2013-4899 concerns Twilight CMS (v5.17 and earlier). The issue is an XSS vulnerability where user-supplied data appended to "/gallery/" is insufficiently filtered, allowing a remote attacker to inject arbitrary script via PATH_INFO and execute in the context of a logged-in user. The advisory ...

4.3CVSS5.8AI score0.01193EPSS
Exploits3References3Affected Software1
securityvulns
securityvulns
added 2013/09/09 12:0 a.m.132 views

Cross-Site Scripting (XSS) in Twilight CMS

Advisory ID: HTB23166 Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

4.3CVSS0.01193EPSS
Exploits3
0day.today
0day.today
added 2013/08/23 12:0 a.m.56 views

Twilight CMS 5.17 Cross Site Scripting Vulnerability

Twilight CMS version 5.17 suffers from a cross site scripting vulnerability. Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013...

4.3CVSS6.2AI score0.01193EPSS
Exploits3
Packet Storm
Packet Storm
added 2013/08/22 12:0 a.m.52 views

Twilight CMS 5.17 Cross Site Scripting

Advisory ID: HTB23166 Product: Twilight CMS Vendor: Strata Technologies LLC Vulnerable Versions: 5.17 and probably prior Tested Version: 5.17 Vendor Notification: July 24, 2013 Vendor Patch: August 15, 2013 Public Disclosure: August 21, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE...

4.3CVSS6.6AI score0.01193EPSS
Exploits3
htbridge
htbridge
added 2013/07/24 12:0 a.m.33 views

Cross-Site Scripting (XSS) in Twilight CMS

High-Tech Bridge Security Research Lab discovered vulnerability in Twilight CMS, which can be exploited to perform Cross-Site Scripting XSS attacks. 1 Cross-Site Scripting XSS in Twilight CMS: CVE-2013-4899 The vulnerability exists due to insufficient filtration of user-supplied data appended to...

4.3CVSS5.8AI score0.01193EPSS
Exploits3Affected Software1
Rows per page
Query Builder