Lucene search
K

4 matches found

securityvulns
securityvulns
added 2013/12/09 12:0 a.m.131 views

Cross-Site Scripting (XSS) in Zikula Application Framework

Advisory ID: HTB23178 Product: Zikula Application Framework Vendor: Zikula Software Foundation Vulnerable Versions: 1.3.5 build 20 and probably prior Tested Version: 1.3.5 build 20 Advisory Publication: October 16, 2013 without technical details Vendor Notification: October 16, 2013 Vendor Patch:...

4.3CVSS6.3AI score0.0122EPSS
Exploits3
0day.today
0day.today
added 2013/11/15 12:0 a.m.81 views

Zikula 1.3.5 Build 20 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Product: Zikula Application Framework Vendor: Zikula Software Foundation Vulnerable Versions: 1.3.5 build 20 and probably prior Tested Version: 1.3.5 build 20 Advisory Publication: October 16, 2013 without technical details Vendor Notification...

4.3CVSS6.5AI score0.0122EPSS
Exploits3
CVE
CVE
added 2013/11/14 8:0 p.m.51 views

CVE-2013-6168

CVE-2013-6168 affects Zikula Application Framework (pre-1.3.6). The vulnerability arises from insufficient sanitisation of the returnpage parameter in index.php, enabling cross-site scripting (XSS) via crafted links. The HTB advisory HTB23178 documents exploitation and confirms the fixed vendor p...

4.3CVSS5.7AI score0.0122EPSS
Exploits3References5Affected Software1
Packet Storm
Packet Storm
added 2013/11/13 12:0 a.m.68 views

Zikula 1.3.5 Build 20 Cross Site Scripting

Advisory ID: HTB23178 Product: Zikula Application Framework Vendor: Zikula Software Foundation Vulnerable Versions: 1.3.5 build 20 and probably prior Tested Version: 1.3.5 build 20 Advisory Publication: October 16, 2013 without technical details Vendor Notification: October 16, 2013 Vendor Patch:...

4.3CVSS6.6AI score0.0122EPSS
Exploits3
Rows per page
Query Builder