CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Veracode•added 2019/01/15 9:2 a.m.•22 views

Cross-site Scripting (XSS)

cups is vulnerable to cross-site scripting XSS attacks. The vulnerability exists as scheduler/client.c in Common Unix Printing System CUPS before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the ispathabsolute function...

4.3CVSS5.2AI score0.01035EPSS

Exploits0References15Affected Software1

Mageia•added 2014/04/24 7:10 p.m.•31 views

Updated cups packages fix CVE-2014-2856

Updated cups packages fix security vulnerability: Cross-site scripting XSS vulnerability in scheduler/client.c in Common Unix Printing System CUPS before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the ispathabsolute function CVE-2014-2856...

4.3CVSS5.7AI score0.01035EPSS

Exploits0References3

NVD•added 2014/04/18 2:55 p.m.•10 views

CVE-2014-2856

Cross-site scripting XSS vulnerability in scheduler/client.c in Common Unix Printing System CUPS before 1.7.2 allows remote attackers to inject arbitrary web script or HTML via the URL path, related to the ispathabsolute function...

4.3CVSS7.2AI score0.01035EPSS

Exploits0References10

Prion•added 2014/04/18 2:55 p.m.•27 views

Cross site scripting

4.3CVSS6AI score0.01035EPSS

Exploits0References10Affected Software1

Debian CVE•added 2014/04/18 2:0 p.m.•22 views

CVE-2014-2856

4.3CVSS7AI score0.01035EPSS

Exploits0

CVE•added 2014/04/18 2:0 p.m.•270 views

CVE-2014-2856

CVE-2014-2856 affects the Common UNIX Printing System (CUPS) web interface. The vulnerability is a cross-site scripting (XSS) flaw in scheduler/client.c related to the is_path_absolute function, exploitable via the URL path. It exists in CUPS versions before 1.7.2 and allows remote attackers to i...

4.3CVSS6.5AI score0.01035EPSS

Exploits0References10Affected Software1