Ulli Horlacher: >> Fex >> 20110930 Security Vulnerabilities
Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-06-18
Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-06-18
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
CVSS Score
4.3
EPSS Score
0.171
Published
2012-09-25
Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.
CVSS Score
4.3
EPSS Score
0.005
Published
2012-09-25