Fex Security Vulnerabilities and Issues — Fex CVE List

Lucene search

Ulli HorlacherFex

6 matches found

CVE•added 2012/09/25 11:55 p.m.•64 views

CVE-2012-0869

Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

4.3CVSS5.5AI score0.17093EPSS

CVE•added 2014/06/18 2:55 p.m.•58 views

CVE-2014-3877

Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.

4.3CVSS5.8AI score0.00274EPSS

CVE•added 2014/06/18 2:55 p.m.•54 views

CVE-2014-3876

Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc.

4.3CVSS5.9AI score0.00254EPSS

CVE•added 2012/09/25 11:55 p.m.•50 views

CVE-2012-1293

Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.

4.3CVSS5.7AI score0.0053EPSS

CVE•added 2019/11/27 7:15 p.m.•49 views

CVE-2014-3875

The addto parameter to fup in Frams' Fast File EXchange (F*EX, aka fex) before fex-2014053 allows remote attackers to conduct cross-site scripting (XSS) attacks

6.1CVSS5.8AI score0.00789EPSS

CVE•added 2011/06/24 8:55 p.m.•41 views

CVE-2011-1409

Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID.

5CVSS7.1AI score0.00676EPSS