Lucene search
HistoryMar 28, 2014 - 3:55 p.m.
CVE-2013-0734
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.1%
Multiple cross-site scripting (XSS) vulnerabilities in the Mingle Forum plugin before 1.0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) search_words parameter in a search action to wpf.class.php or (2) togroupusers parameter in an add_user_togroup action to fs-admin/fs-admin.php.
Affected configurations
Node
cartpaujmingle-forumRange≤1.0.33
ORcartpaujmingle-forumMatch1.0.00
ORcartpaujmingle-forumMatch1.0.01
ORcartpaujmingle-forumMatch1.0.02
ORcartpaujmingle-forumMatch1.0.03
ORcartpaujmingle-forumMatch1.0.04
ORcartpaujmingle-forumMatch1.0.05
ORcartpaujmingle-forumMatch1.0.06
ORcartpaujmingle-forumMatch1.0.07
ORcartpaujmingle-forumMatch1.0.08
ORcartpaujmingle-forumMatch1.0.09
ORcartpaujmingle-forumMatch1.0.10
ORcartpaujmingle-forumMatch1.0.11
ORcartpaujmingle-forumMatch1.0.12
ORcartpaujmingle-forumMatch1.0.13
ORcartpaujmingle-forumMatch1.0.14
ORcartpaujmingle-forumMatch1.0.15
ORcartpaujmingle-forumMatch1.0.16
ORcartpaujmingle-forumMatch1.0.17
ORcartpaujmingle-forumMatch1.0.18
ORcartpaujmingle-forumMatch1.0.19
ORcartpaujmingle-forumMatch1.0.20
ORcartpaujmingle-forumMatch1.0.21
ORcartpaujmingle-forumMatch1.0.21.1
ORcartpaujmingle-forumMatch1.0.22
ORcartpaujmingle-forumMatch1.0.23
ORcartpaujmingle-forumMatch1.0.23.1
ORcartpaujmingle-forumMatch1.0.23.2
ORcartpaujmingle-forumMatch1.0.24
ORcartpaujmingle-forumMatch1.0.25
ORcartpaujmingle-forumMatch1.0.26
ORcartpaujmingle-forumMatch1.0.27
ORcartpaujmingle-forumMatch1.0.28
ORcartpaujmingle-forumMatch1.0.28.1
ORcartpaujmingle-forumMatch1.0.28.2
ORcartpaujmingle-forumMatch1.0.29
ORcartpaujmingle-forumMatch1.0.30
ORcartpaujmingle-forumMatch1.0.31
ORcartpaujmingle-forumMatch1.0.31.1
ORcartpaujmingle-forumMatch1.0.31.2
ORcartpaujmingle-forumMatch1.0.31.3
ORcartpaujmingle-forumMatch1.0.31.4
ORcartpaujmingle-forumMatch1.0.32
ORcartpaujmingle-forumMatch1.0.32.1
wordpresswordpressMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cartpauj | mingle-forum | * | cpe:2.3:a:cartpauj:mingle-forum:*:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.00 | cpe:2.3:a:cartpauj:mingle-forum:1.0.00:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.01 | cpe:2.3:a:cartpauj:mingle-forum:1.0.01:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.02 | cpe:2.3:a:cartpauj:mingle-forum:1.0.02:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.03 | cpe:2.3:a:cartpauj:mingle-forum:1.0.03:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.04 | cpe:2.3:a:cartpauj:mingle-forum:1.0.04:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.05 | cpe:2.3:a:cartpauj:mingle-forum:1.0.05:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.06 | cpe:2.3:a:cartpauj:mingle-forum:1.0.06:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.07 | cpe:2.3:a:cartpauj:mingle-forum:1.0.07:*:*:*:*:*:*:* |
| cartpauj | mingle-forum | 1.0.08 | cpe:2.3:a:cartpauj:mingle-forum:1.0.08:*:*:*:*:*:*:* |
Related
wpvulndb
wpvulndb
Mingle Forum 1.0.33.3 - wpf.class.php search_words Parameter XSS
2014-08-01 10:58:48
Mingle Forum 1.0.33.3 - fs-admin.php togroupusers Parameter XSS
2014-08-01 10:58:48
prion
prion
Cross site scripting
2014-03-28 15:55:00
patchstack
patchstack
WordPress Mingle Forum Plugin <= 1.0.34 - Multiple XSS
2013-01-02 00:00:00
cve
cve
CVE-2013-0734
2014-03-28 15:55:08
cvelist
cvelist
CVE-2013-0734
2014-03-28 15:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
65.1%
Related for NVD:CVE-2013-0734