Lucene search
K

297 matches found

UbuntuCve
UbuntuCve
added 2014/03/24 2:20 p.m.28 views

CVE-2013-7343

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding within the callback parameter name. NOTE: this vulnerability exists because of an incomplete fix fo...

4.3CVSS6AI score0.01486EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/03/24 2:20 p.m.34 views

CVE-2013-7342

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

4.3CVSS6AI score0.01474EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2014/03/24 2:20 p.m.26 views

CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.9AI score0.02405EPSS
Exploits0References6
Prion
Prion
added 2014/03/24 2:20 p.m.17 views

Cross site scripting

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

4.3CVSS6AI score0.02405EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2014/03/24 2:20 p.m.22 views

Cross site scripting

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding within the callback parameter name. NOTE: this vulnerability exists because of an incomplete fix fo...

4.3CVSS6AI score0.01486EPSS
Exploits2References2Affected Software1
Prion
Prion
added 2014/03/24 2:20 p.m.21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.9AI score0.02405EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2014/03/24 2:20 p.m.5 views

UBUNTU-CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

4.3CVSS5.9AI score0.02405EPSS
Exploits0References7
OSV
OSV
added 2014/03/24 2:20 p.m.5 views

UBUNTU-CVE-2013-7342

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

4.3CVSS5.9AI score0.01474EPSS
Exploits1References4
OSV
OSV
added 2014/03/24 2:20 p.m.4 views

UBUNTU-CVE-2013-7343

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding within the callback parameter name. NOTE: this vulnerability exists because of an incomplete fix fo...

4.3CVSS5.9AI score0.01486EPSS
Exploits1References4
Cvelist
Cvelist
added 2014/03/22 1:0 a.m.32 views

CVE-2013-7343

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.3 allows remote attackers to inject arbitrary web script or HTML by using URL encoding within the callback parameter name. NOTE: this vulnerability exists because of an incomplete fix fo...

5.5AI score0.01486EPSS
Exploits1References2
Cvelist
Cvelist
added 2014/03/22 1:0 a.m.42 views

CVE-2013-7341

Multiple cross-site scripting XSS vulnerabilities in Flowplayer Flash before 3.2.17, as used in Moodle through 2.3.11, 2.4.x before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2, allow remote attackers to inject arbitrary web script or HTML by 1 providing a crafted playerId or 2 referencing a...

5.7AI score0.02405EPSS
Exploits0References5
CVE
CVE
added 2014/03/22 1:0 a.m.58 views

CVE-2013-7343

CVE-2013-7343 describes a cross-site scripting (XSS) vulnerability in Flowplayer’s Flash fallback component, specifically in the flowplayer.swf used by Flowplayer HTML5 5.4.3. The issue allows remote attackers to inject arbitrary web script or HTML by abusing URL encoding within the name of the c...

4.3CVSS5.7AI score0.01486EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2014/03/22 1:0 a.m.47 views

CVE-2013-7342

CVE-2013-7342 describes an XSS vulnerability in Flowplayer’s Flash fallback (flowplayer.swf) used by Flowplayer HTML5 5.4.1, exploitable via the callback parameter. Several Nessus entries classify this as an unpatched issue for affected Linux distros, noting no vendor patch is available. Related ...

4.3CVSS5.7AI score0.01474EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2014/03/22 1:0 a.m.31 views

CVE-2013-7342

Cross-site scripting XSS vulnerability in flowplayer.swf in the Flash fallback feature in Flowplayer HTML5 5.4.1 allows remote attackers to inject arbitrary web script or HTML via the callback parameter, a related issue to CVE-2013-7341...

5.6AI score0.01474EPSS
Exploits1References2
CVE
CVE
added 2014/03/22 1:0 a.m.61 views

CVE-2013-7341

CVE-2013-7341 refers to multiple XSS vulnerabilities in Flowplayer Flash before 3.2.17, exploited via Moodle integrations up to Moodle 2.4.9 (and related 2.3.x, 2.4.x, 2.5.x, 2.6.x series). The vulnerabilities allow remote attackers to inject arbitrary scripts/HTML by (1) supplying a crafted play...

4.3CVSS5.8AI score0.02405EPSS
Exploits0References5Affected Software2
Check Point Advisories
Check Point Advisories
added 2013/11/03 12:0 a.m.53 views

OpenX Ad Server Backdoor PHP Code Execution (CVE-2013-4211)

A Code Execution vulnerability has been reported in OpenX Ad Server. The vulnerability is due to the existence of a backdoor within the flowplayer-3.1.1.min.js library. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could...

7.5CVSS9.3AI score0.76415EPSS
Exploits5
UbuntuCve
UbuntuCve
added 2013/10/10 12:55 a.m.23 views

CVE-2013-2138

The 1 uploadify and 2 flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack...

7.5CVSS5.9AI score0.02707EPSS
Exploits0References2
CVE
CVE
added 2013/10/10 12:0 a.m.55 views

CVE-2013-2138

The CVE-2013-2138 issue affects Gallery 3 before 3.0.8 where the uploadify and flowplayer SWF files do not properly remove query parameters and fragments, allowing an unspecified impact via a replay attack. Related entry CVE-2013-2240 notes that lib/flowplayer.swf.php in Gallery 3 before 3.0.9 al...

7.5CVSS6.5AI score0.02707EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2013/10/10 12:0 a.m.30 views

CVE-2013-2138

The 1 uploadify and 2 flowplayer SWF files in Gallery 3 before 3.0.8 do not properly remove query parameters and fragments, which allows remote attackers to have an unspecified impact via a replay attack...

6.3AI score0.02707EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2013/08/15 12:0 a.m.78 views

OpenX flowplayer-3.1.1.min.js Backdoor Remote Code Execution

The version of OpenX installed on the remote host contains a backdoor and allows the execution of arbitrary PHP code, subject to the privileges under which the web server operates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

9.8CVSS8.8AI score0.76415EPSS
Exploits5References2
Rows per page
Query Builder