Ulli Horlacher : Security vulnerabilities, CVEs published in 2014

Copy

CVE-2014-3876

Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc.

Max CVSS

4.3

EPSS Score

0.18%

Published

2014-06-18

Updated

2014-06-18

CVE-2014-3877

Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.

Max CVSS

4.3

EPSS Score

0.24%

Published

2014-06-18

Updated

2014-06-18

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!