Vulnerability Details CVE-2012-0869
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.171
EPSS Ranking 94.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0109.html
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0112.html
- http://fex.rus.uni-stuttgart.de/fex.html
- http://osvdb.org/79420
- http://secunia.com/advisories/47971
- http://www.debian.org/security/2012/dsa-2414
- http://www.openwall.com/lists/oss-security/2012/02/20/1
- http://www.openwall.com/lists/oss-security/2012/02/20/8
- http://www.openwall.com/lists/oss-security/2012/02/23/2
- http://www.securityfocus.com/bid/52085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78966
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0109.html
- http://archives.neohapsis.com/archives/bugtraq/2012-02/0112.html
- http://fex.rus.uni-stuttgart.de/fex.html
- http://osvdb.org/79420
- http://secunia.com/advisories/47971
- http://www.debian.org/security/2012/dsa-2414
- http://www.openwall.com/lists/oss-security/2012/02/20/1
- http://www.openwall.com/lists/oss-security/2012/02/20/8
- http://www.openwall.com/lists/oss-security/2012/02/23/2
- http://www.securityfocus.com/bid/52085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/78966
Products affected by CVE-2012-0869
-
cpe:2.3:a:ulli_horlacher:fex:20100208
-
cpe:2.3:a:ulli_horlacher:fex:20110609
-
cpe:2.3:a:ulli_horlacher:fex:20110610
-
cpe:2.3:a:ulli_horlacher:fex:20110614
-
cpe:2.3:a:ulli_horlacher:fex:20110615
-
cpe:2.3:a:ulli_horlacher:fex:20110616
-
cpe:2.3:a:ulli_horlacher:fex:20110621
-
cpe:2.3:a:ulli_horlacher:fex:20110622
-
cpe:2.3:a:ulli_horlacher:fex:20110627
-
cpe:2.3:a:ulli_horlacher:fex:20110630
-
cpe:2.3:a:ulli_horlacher:fex:20110701
-
cpe:2.3:a:ulli_horlacher:fex:20110714
-
cpe:2.3:a:ulli_horlacher:fex:20110716
-
cpe:2.3:a:ulli_horlacher:fex:20110722
-
cpe:2.3:a:ulli_horlacher:fex:20110726
-
cpe:2.3:a:ulli_horlacher:fex:20110727
-
cpe:2.3:a:ulli_horlacher:fex:20110730
-
cpe:2.3:a:ulli_horlacher:fex:20110731
-
cpe:2.3:a:ulli_horlacher:fex:20110803
-
cpe:2.3:a:ulli_horlacher:fex:20110807
-
cpe:2.3:a:ulli_horlacher:fex:20110808
-
cpe:2.3:a:ulli_horlacher:fex:20110809
-
cpe:2.3:a:ulli_horlacher:fex:20110810
-
cpe:2.3:a:ulli_horlacher:fex:20110811
-
cpe:2.3:a:ulli_horlacher:fex:20110813
-
cpe:2.3:a:ulli_horlacher:fex:20110826
-
cpe:2.3:a:ulli_horlacher:fex:20110829
-
cpe:2.3:a:ulli_horlacher:fex:20110830
-
cpe:2.3:a:ulli_horlacher:fex:20110901
-
cpe:2.3:a:ulli_horlacher:fex:20110905
-
cpe:2.3:a:ulli_horlacher:fex:20110906
-
cpe:2.3:a:ulli_horlacher:fex:20110907
-
cpe:2.3:a:ulli_horlacher:fex:20110919
-
cpe:2.3:a:ulli_horlacher:fex:20110920
-
cpe:2.3:a:ulli_horlacher:fex:20110921
-
cpe:2.3:a:ulli_horlacher:fex:20110930
-
cpe:2.3:a:ulli_horlacher:fex:20111003
-
cpe:2.3:a:ulli_horlacher:fex:20111005
-
cpe:2.3:a:ulli_horlacher:fex:20111013
-
cpe:2.3:a:ulli_horlacher:fex:20111028
-
cpe:2.3:a:ulli_horlacher:fex:20111102
-
cpe:2.3:a:ulli_horlacher:fex:20111108
-
cpe:2.3:a:ulli_horlacher:fex:20111115
-
cpe:2.3:a:ulli_horlacher:fex:20111129
-
cpe:2.3:a:ulli_horlacher:fex:20111230
-
cpe:2.3:a:ulli_horlacher:fex:20111231
-
cpe:2.3:a:ulli_horlacher:fex:2011205
-
cpe:2.3:a:ulli_horlacher:fex:20120102
-
cpe:2.3:a:ulli_horlacher:fex:20120106
-
cpe:2.3:a:ulli_horlacher:fex:20120117
-
cpe:2.3:a:ulli_horlacher:fex:20120125
-
cpe:2.3:a:ulli_horlacher:fex:20120201
-
cpe:2.3:a:ulli_horlacher:fex:20120202
-
cpe:2.3:a:ulli_horlacher:fex:20120203
-
cpe:2.3:a:ulli_horlacher:fex:20120204
-
cpe:2.3:a:ulli_horlacher:fex:20120207
-
cpe:2.3:a:ulli_horlacher:fex:20120301
-
cpe:2.3:a:ulli_horlacher:fex:20120305
-
cpe:2.3:a:ulli_horlacher:fex:20120404
-
cpe:2.3:a:ulli_horlacher:fex:20120406
-
cpe:2.3:a:ulli_horlacher:fex:20120407
-
cpe:2.3:a:ulli_horlacher:fex:20120426
-
cpe:2.3:a:ulli_horlacher:fex:20120502
-
cpe:2.3:a:ulli_horlacher:fex:20120504
-
cpe:2.3:a:ulli_horlacher:fex:20120601
-
cpe:2.3:a:ulli_horlacher:fex:20120605
-
cpe:2.3:a:ulli_horlacher:fex:20120606
-
cpe:2.3:a:ulli_horlacher:fex:20120621
-
cpe:2.3:a:ulli_horlacher:fex:20120701
-
cpe:2.3:a:ulli_horlacher:fex:20120702
-
cpe:2.3:a:ulli_horlacher:fex:20120705
-
cpe:2.3:a:ulli_horlacher:fex:20120709
-
cpe:2.3:a:ulli_horlacher:fex:20120710
-
cpe:2.3:a:ulli_horlacher:fex:20120711
-
cpe:2.3:a:ulli_horlacher:fex:20120718
-
cpe:2.3:a:ulli_horlacher:fex:2014053