Lucene search
+L

85 matches found

OSV
OSV
added 2013/08/17 4:55 p.m.13 views

UBUNTU-CVE-2013-2022

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

4.3CVSS5.9AI score0.02722EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2013/08/17 4:0 p.m.76 views

CVE-2013-2022

Removed by vendor...

4.3CVSS6.6AI score0.02722EPSS
Exploits1
Cvelist
Cvelist
added 2013/08/17 4:0 p.m.51 views

CVE-2013-2022

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id parameters, a different vulnerability than CVE-2013-1942 and...

5.7AI score0.02722EPSS
Exploits1References8
CVE
CVE
added 2013/08/17 4:0 p.m.68 views

CVE-2013-2022

CVE-2013-2022 refers to multiple XSS vulnerabilities in the Flash SWF component jplayer.swf (jPlayer) within actionscript/Jplayer.as. Affected are jPlayer versions before 2.2.23, where remote attackers could inject arbitrary script or HTML via the (1) jQuery or (2) id parameters in the jplayer.sw...

4.3CVSS5.7AI score0.02722EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2013/08/15 5:55 p.m.36 views

CVE-2013-2023

Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than...

4.3CVSS5.8AI score0.02461EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2013/08/15 5:55 p.m.45 views

CVE-2013-2023

Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than...

4.3CVSS6AI score0.02461EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2013/08/15 5:55 p.m.38 views

CVE-2013-1942

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id...

4.3CVSS5.9AI score0.05494EPSS
Exploits2References3
OSV
OSV
added 2013/08/15 5:55 p.m.4 views

UBUNTU-CVE-2013-1942

Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.20, as used in ownCloud Server before 5.0.4 and other products, allow remote attackers to inject arbitrary web script or HTML via the 1 jQuery or 2 id...

4.3CVSS5.8AI score0.05494EPSS
Exploits2References4
Prion
Prion
added 2013/08/15 5:55 p.m.29 views

Cross site scripting

Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than...

4.3CVSS6.1AI score0.05494EPSS
Exploits3References10Affected Software1
OSV
OSV
added 2013/08/15 5:55 p.m.7 views

UBUNTU-CVE-2013-2023

Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than...

4.3CVSS5.9AI score0.02461EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2013/08/15 5:0 p.m.71 views

CVE-2013-2023

Removed by vendor...

4.3CVSS6.6AI score0.02461EPSS
Exploits0
Cvelist
Cvelist
added 2013/08/15 5:0 p.m.41 views

CVE-2013-2023

Cross-site scripting XSS vulnerability in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to incomplete blacklists, a different vulnerability than...

5.7AI score0.02461EPSS
Exploits0References10
CVE
CVE
added 2013/08/15 5:0 p.m.88 views

CVE-2013-2023

The CVE-2013-2023 entry documents a cross-site scripting (XSS) vulnerability in the Flash SWF component jplayer.swf (jPlayer) affecting actionscript/Jplayer.as. Affected version is before 2.3.1. The root cause is inadequate input handling (unspecified vectors; mentions incomplete blacklists), all...

4.3CVSS5.8AI score0.02461EPSS
Exploits0References10Affected Software1
CVE
CVE
added 2013/08/15 5:0 p.m.89 views

CVE-2013-1942

CVE-2013-1942 describes multiple XSS vulnerabilities in actionscript/Jplayer.as (jplayer.swf) of the jPlayer Flash SWF component. The flaws allow remote attackers to inject arbitrary script or HTML via the (1) jQuery or (2) id parameters, demonstrated by document.write in the jQuery parameter. Af...

4.3CVSS5.6AI score0.05494EPSS
Exploits2References8Affected Software1
securityvulns
securityvulns
added 2013/07/08 12:0 a.m.52 views

FPD, XSS and CS vulnerabilities in Slash WP theme for WordPress

Hello 3APA3A! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site Scripting and Content Spoofing vulnerabilities. ------------------------- Affected products: -------------------------...

6AI score
Exploits0
0day.today
0day.today
added 2013/06/22 12:0 a.m.25 views

WordPress Slash Theme XSS / Spoofing / Disclosure Vulnerabilities

The Slash theme for WordPress suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities. Hello list! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2013/06/21 12:0 a.m.46 views

WordPress Slash Theme XSS / Spoofing / Disclosure

Hello list! I want to warn you about multiple vulnerabilities in Slash WP theme for WordPress. This is commercial theme for WP. These are Full path disclosure, Cross-Site Scripting and Content Spoofing vulnerabilities. ------------------------- Affected products: -------------------------...

Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.57 views

Vulnerabilities in multiple plugins for WordPress with jPlayer

Hello 3APA3A! I want to inform you about multiple vulnerabilities in multiple plugins for WordPress with jPlayer. These are Cross-Site Scripting and Content Spoofing and vulnerabilities. I've wrote about vulnerabilities in jPlayer earlier http://seclists.org/fulldisclosure/2013/Apr/192. jPlayer i...

6AI score
Exploits0
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.133 views

Vulnerabilities in jPlayer

Hello 3APA3A! I want to inform you about multiple vulnerabilities in jPlayer. These are Cross-Site Scripting and Content Spoofing and vulnerabilities in jPlayer. Which is used at tens thousands of web sites and in multiple web applications. ------------------------- Affected products:...

4.3CVSS5.7AI score0.05494EPSS
Exploits2
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.40 views

Vulnerabilities in multiple themes for WordPress with jPlayer

Hello 3APA3A! I want to inform you about multiple vulnerabilities in multiple themes for WordPress with jPlayer. These are Cross-Site Scripting, Content Spoofing and Full path disclosure vulnerabilities. I've wrote about vulnerabilities in jPlayer earlier...

0.6AI score
Exploits0
Rows per page
Query Builder