CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-5113

MEDIUM
4.3
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile29.92th
Published2014年7月28日
Last Modified2026年5月6日

Vulnerability Description

Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlink, or (12) duration parameter.

Affected Platforms (CPE)

📦
Visualware

Myconnection Server

= 9.7i

References & Advisories

🔗 http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html
🔗 http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html
🔗 http://www.securityfocus.com/bid/68793
🔗 http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html
🔗 http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html
🔗 http://www.securityfocus.com/bid/68793

関連する脆弱性情報

CVE-2021-271989.8

An issue was discovered in Visualware MyConnection Server before v11.1a. Unauthenticated Remote Code Execution can occur via Arbit...

CVE-2021-275097.5

In Visualware MyConnection Server before 11.0b build 5382, each published report is not associated with its own access code.

CVE-2015-20434.3

Multiple cross-site scripting (XSS) vulnerabilities in Visualware MyConnection Server 8.2b allow remote attackers to inject arbitr...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...