CVE-2013-6163

Exploit

EPSS 0.67%
Veröffentlicht 14.11.2013 20:55:04
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in ProjeQtOr (formerly Project'Or RIA) before 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) type parameter to view/parameter.php, (2) p1value parameter to view/main.php, or (3) objectClass parameter to view/objectDetail.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 13

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Projeqtor ≫ Projeqtor Version <= 3.4.4

Projeqtor ≫ Projeqtor Version0.1.0

Projeqtor ≫ Projeqtor Version0.2.0

Projeqtor ≫ Projeqtor Version0.3.0

Projeqtor ≫ Projeqtor Version0.4.0

Projeqtor ≫ Projeqtor Version0.5.0

Projeqtor ≫ Projeqtor Version0.6.0

Projeqtor ≫ Projeqtor Version0.6.1

Projeqtor ≫ Projeqtor Version0.7.0

Projeqtor ≫ Projeqtor Version0.8.0

Projeqtor ≫ Projeqtor Version0.8.1

Projeqtor ≫ Projeqtor Version0.9.0

Projeqtor ≫ Projeqtor Version1.0.0

Projeqtor ≫ Projeqtor Version1.0.1

Projeqtor ≫ Projeqtor Version1.1.0

Projeqtor ≫ Projeqtor Version1.2.0

Projeqtor ≫ Projeqtor Version1.2.1

Projeqtor ≫ Projeqtor Version1.3.0

Projeqtor ≫ Projeqtor Version1.3.1

Projeqtor ≫ Projeqtor Version1.4.0

Projeqtor ≫ Projeqtor Version1.4.1

Projeqtor ≫ Projeqtor Version1.4.2

Projeqtor ≫ Projeqtor Version1.5.0

Projeqtor ≫ Projeqtor Version1.5.1

Projeqtor ≫ Projeqtor Version1.5.2

Projeqtor ≫ Projeqtor Version1.5.3

Projeqtor ≫ Projeqtor Version1.5.4

Projeqtor ≫ Projeqtor Version1.5.5

Projeqtor ≫ Projeqtor Version1.6.0

Projeqtor ≫ Projeqtor Version1.6.1

Projeqtor ≫ Projeqtor Version1.6.2

Projeqtor ≫ Projeqtor Version1.7.0

Projeqtor ≫ Projeqtor Version1.7.1

Projeqtor ≫ Projeqtor Version1.7.2

Projeqtor ≫ Projeqtor Version1.8.0

Projeqtor ≫ Projeqtor Version1.8.1

Projeqtor ≫ Projeqtor Version1.8.2

Projeqtor ≫ Projeqtor Version1.8.3

Projeqtor ≫ Projeqtor Version1.9.0

Projeqtor ≫ Projeqtor Version1.9.1

Projeqtor ≫ Projeqtor Version2.0.0

Projeqtor ≫ Projeqtor Version2.0.1

Projeqtor ≫ Projeqtor Version2.1.0

Projeqtor ≫ Projeqtor Version2.1.1

Projeqtor ≫ Projeqtor Version2.2.0

Projeqtor ≫ Projeqtor Version2.2.1

Projeqtor ≫ Projeqtor Version2.2.2

Projeqtor ≫ Projeqtor Version2.2.3

Projeqtor ≫ Projeqtor Version2.3.0

Projeqtor ≫ Projeqtor Version2.4.0

Projeqtor ≫ Projeqtor Version2.4.1

Projeqtor ≫ Projeqtor Version2.4.2

Projeqtor ≫ Projeqtor Version2.4.3

Projeqtor ≫ Projeqtor Version2.5.0

Projeqtor ≫ Projeqtor Version2.5.1

Projeqtor ≫ Projeqtor Version2.5.2

Projeqtor ≫ Projeqtor Version2.5.3

Projeqtor ≫ Projeqtor Version2.6.0

Projeqtor ≫ Projeqtor Version2.6.1

Projeqtor ≫ Projeqtor Version2.6.2

Projeqtor ≫ Projeqtor Version2.6.3

Projeqtor ≫ Projeqtor Version3.0.0

Projeqtor ≫ Projeqtor Version3.0.1

Projeqtor ≫ Projeqtor Version3.0.2

Projeqtor ≫ Projeqtor Version3.1.0

Projeqtor ≫ Projeqtor Version3.1.1

Projeqtor ≫ Projeqtor Version3.1.2

Projeqtor ≫ Projeqtor Version3.1.3

Projeqtor ≫ Projeqtor Version3.1.4

Projeqtor ≫ Projeqtor Version3.2.0

Projeqtor ≫ Projeqtor Version3.2.1

Projeqtor ≫ Projeqtor Version3.2.2

Projeqtor ≫ Projeqtor Version3.3.0

Projeqtor ≫ Projeqtor Version3.3.1

Projeqtor ≫ Projeqtor Version3.3.2

Projeqtor ≫ Projeqtor Version3.4.0

Projeqtor ≫ Projeqtor Version3.4.1

Projeqtor ≫ Projeqtor Version3.4.2

Projeqtor ≫ Projeqtor Version3.4.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.67%	0.688

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://archives.neohapsis.com/archives/bugtraq/2013-11/0021.html

http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0032.html

http://osvdb.org/99366

http://osvdb.org/99368

http://osvdb.org/99369

http://packetstormsecurity.com/files/123916

Exploit

http://projectorria.org/index.php/menu_download_en/menu_history_en

http://secunia.com/advisories/55451

Vendor Advisory

http://www.securityfocus.com/bid/63539

Exploit