Lucene search
K

6 matches found

CVE
CVE
added 2014/05/05 5:0 p.m.61 views

CVE-2013-7003

LiveZilla CVE-2013-7003 describes multiple stored XSS vulnerabilities in the Webbased Operator Client affecting versions before 5.1.2.0. Attackers could inject arbitrary script via (1) full name, (2) company, or (3) filename used in chat.php. The vulnerability is mitigated by upgrading to 5.1.2.0...

4.3CVSS5.6AI score0.01854EPSS
Exploits2References4Affected Software1
NVD
NVD
added 2014/02/14 7:55 p.m.29 views

CVE-2013-7032

Multiple cross-site scripting XSS vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 name of an uploaded file or 2 customer name in a resource created from an uploaded file, a different vulnerability...

4.3CVSS5.6AI score0.01792EPSS
Exploits0References4
CVE
CVE
added 2014/02/14 7:0 p.m.65 views

CVE-2013-7032

CVE-2013-7032 affects LiveZilla’s web-based operator client up to version 5.1.2.0 (fixed in 5.1.2.1). The vulnerability enables multiple stored XSS via (1) the name of an uploaded file and (2) the customer name in a resource created from an uploaded file, allowing injected scripts in the operator...

4.3CVSS5.6AI score0.01792EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2014/01/09 12:0 a.m.75 views

LiveZilla 5.1.1.0 Stored XSS in operator clients

Author: Jakub Zoczek [email protected] CVE Reference: CVE-2013-7003 Product: LiveZilla Vendor: LiveZilla GmbH http://livezilla.net Affected version: 5.1.1.0 Severity: Medium CVSSv2 Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Status: Fixed 0x01 Background LiveZilla, the widely-used and trusted Live Help...

4.3CVSS1.1AI score0.01854EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/12/18 12:0 a.m.59 views

LiveZilla < 5.1.2.1 Multiple Vulnerabilities

The version of LiveZilla hosted on the remote web server is affected by multiple vulnerabilities : - The application is affected by multiple cross-site scripting XSS vulnerabilities because it fails to properly sanitize user-supplied input. Note that CVE-2013-7003 was reportedly fixed in version...

7.5CVSS5.6AI score0.01854EPSS
Exploits4References6
Packet Storm
Packet Storm
added 2013/12/10 12:0 a.m.53 views

LiveZilla 5.1.1.0 Cross Site Scripting

Author: Jakub Zoczek [email protected] CVE Reference: CVE-2013-7003 Product: LiveZilla Vendor: LiveZilla GmbH http://livezilla.net Affected version: 5.1.1.0 Severity: Medium CVSSv2 Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Status: Fixed 0x01 Background LiveZilla, the widely-used and trusted Live Help...

4.3CVSS0.01854EPSS
Exploits2
Rows per page
Query Builder