6 matches found
CVE-2013-7003
LiveZilla CVE-2013-7003 describes multiple stored XSS vulnerabilities in the Webbased Operator Client affecting versions before 5.1.2.0. Attackers could inject arbitrary script via (1) full name, (2) company, or (3) filename used in chat.php. The vulnerability is mitigated by upgrading to 5.1.2.0...
CVE-2013-7032
Multiple cross-site scripting XSS vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name of an uploaded file or 2 customer name in a resource created from an uploaded file, a different vulnerability...
CVE-2013-7032
CVE-2013-7032 affects LiveZilla’s web-based operator client up to version 5.1.2.0 (fixed in 5.1.2.1). The vulnerability enables multiple stored XSS via (1) the name of an uploaded file and (2) the customer name in a resource created from an uploaded file, allowing injected scripts in the operator...
LiveZilla 5.1.1.0 Stored XSS in operator clients
Author: Jakub Zoczek [email protected] CVE Reference: CVE-2013-7003 Product: LiveZilla Vendor: LiveZilla GmbH http://livezilla.net Affected version: 5.1.1.0 Severity: Medium CVSSv2 Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Status: Fixed 0x01 Background LiveZilla, the widely-used and trusted Live Help...
LiveZilla < 5.1.2.1 Multiple Vulnerabilities
The version of LiveZilla hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by multiple cross-site scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. Note that CVE-2013-7003 was reportedly fixed in version...
LiveZilla 5.1.1.0 Cross Site Scripting
Author: Jakub Zoczek [email protected] CVE Reference: CVE-2013-7003 Product: LiveZilla Vendor: LiveZilla GmbH http://livezilla.net Affected version: 5.1.1.0 Severity: Medium CVSSv2 Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Status: Fixed 0x01 Background LiveZilla, the widely-used and trusted Live Help...