CyberSec.Space Logo
Back to CVE Browser

CVE-2014-5113

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile29.92th
PublishedJul 28, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlink, or (12) duration parameter.

Affected Platforms (CPE)

πŸ“¦
Visualware

Myconnection Server

= 9.7i

References & Advisories

πŸ”— http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html
πŸ”— http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html
πŸ”— http://www.securityfocus.com/bid/68793
πŸ”— http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html
πŸ”— http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html
πŸ”— http://www.securityfocus.com/bid/68793

Related Vulnerabilities

CVE-2021-271989.8

An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbit...

CVE-2021-275097.5

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.

CVE-2015-20434.3

Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitr...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...