Incomplete blacklist vulnerability in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allows remote attackers to conduct cross-site scripting (XSS) attacks via the addto parameter to fup.
Max CVSS
4.3
EPSS Score
0.24%
Published
2014-06-18
Updated
2014-06-18
Multiple cross-site scripting (XSS) vulnerabilities in Frams' Fast File EXchange (F*EX, aka fex) before fex-20140530 allow remote attackers to inject arbitrary web script or HTML via the (1) akey parameter to rup or (2) disclaimer or (3) gm parameter to fuc.
Max CVSS
4.3
EPSS Score
0.18%
Published
2014-06-18
Updated
2014-06-18
The addto parameter to fup in Frams' Fast File EXchange (F*EX, aka fex) before fex-2014053 allows remote attackers to conduct cross-site scripting (XSS) attacks
Max CVSS
6.1
EPSS Score
0.31%
Published
2019-11-27
Updated
2019-12-06
Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.
Max CVSS
4.3
EPSS Score
0.30%
Published
2012-09-25
Updated
2012-10-30
Cross-site scripting (XSS) vulnerability in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20120215 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Max CVSS
4.3
EPSS Score
1.11%
Published
2012-09-25
Updated
2017-08-29
Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks an authentication ID.
Max CVSS
5.0
EPSS Score
0.65%
Published
2011-06-24
Updated
2017-08-17
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!