CVE-2013-7289

Опубликовано: 10 янв. 2014

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter.

Ссылки

http://aphpkb.blogspot.dk/2013/12/release-of-aphpkb-0958.html
Patch
Vendor Advisory
http://osvdb.org/101466
http://secunia.com/advisories/56228
Vendor Advisory
http://sourceforge.net/p/aphpkb/code/91
http://aphpkb.blogspot.dk/2013/12/release-of-aphpkb-0958.html
Patch
Vendor Advisory
http://osvdb.org/101466
http://secunia.com/advisories/56228
Vendor Advisory
http://sourceforge.net/p/aphpkb/code/91

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:aphpkb:aphpkb:*:*:*:*:*:*:*:*

Версия до 0.95.7 (включая)

cpe:2.3:a:aphpkb:aphpkb:0.1:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.2:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.3:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.4:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.9:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.21:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.31:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.33:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.35:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.38:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.39:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.41:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.42:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.43:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.44:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.45:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.51:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.52:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.53:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.54:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.55:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.56:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.57:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.58:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.59:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.61:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.62:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.63:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.64:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.65:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.66:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.67:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.70:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.71:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.72:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.73:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.74:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.75:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.76:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.77:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.78:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.79:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.80:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.81:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.82:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.83:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.84:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.85:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.86:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.87:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.88:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.88.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.88.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.88.7:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.88.8:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.89:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.91:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.1:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.2:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.3:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.4:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.7:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.8:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.92.9:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.1:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.2:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.3:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.4:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.7:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.8:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.93.9:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.1:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.2:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.3:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.4:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.7:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.8:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.94.9:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.1:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.2:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.3:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.4:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.5:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.95.6:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.361:*:*:*:*:*:*:*

cpe:2.3:a:aphpkb:aphpkb:0.371:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.00309

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-wc36-xcjr-fj7g

github

больше 3 лет назад