CVE-2013-7289 - OpenCVE

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Andy's PHP Knowledgebase (Aphpkb) before 0.95.8 allow remote attackers to inject arbitrary web script or HTML via the (1) first_name, (2) last_name, (3) email, or (4) username parameter.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Aphpkb	Aphpkb

Configuration 1 [-]

OR	cpe:2.3:a:aphpkb:aphpkb::::::::
	cpe:2.3:a:aphpkb:aphpkb:0.1:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.2:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.3:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.4:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.5:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.6:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.9:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.21:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.31:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.33:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.35:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.38:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.39:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.41:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.42:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.43:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.44:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.45:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.51:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.52:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.53:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.54:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.55:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.56:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.57:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.58:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.59:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.61:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.62:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.63:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.64:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.65:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.66:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.67:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.70:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.71:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.72:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.73:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.74:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.75:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.76:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.77:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.78:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.79:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.80:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.81:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.82:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.83:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.84:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.85:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.86:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.87:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.88:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.88.5:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.88.6:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.88.7:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.88.8:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.89:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.91:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.92:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.92.1:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.92.2:::::::*
	cpe:2.3:a:aphpkb:aphpkb:0.92.3:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.4:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.5:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.6:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.7:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.8:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.92.9:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.1:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.2:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.3:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.4:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.5:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.6:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.7:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.8:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.93.9:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.1:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.2:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.3:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.4:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.5:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.6:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.7:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.8:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.94.9:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.1:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.2:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.3:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.4:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.5:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.95.6:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.361:::::::*
cpe:2.3:a:aphpkb:aphpkb:0.371:::::::*

No data.

References

Link	Providers
http://aphpkb.blogspot.dk/2013/12/release-of-aphpkb-0958.html
http://osvdb.org/101466
http://secunia.com/advisories/56228
http://sourceforge.net/p/aphpkb/code/91

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-01-10T16:00:00Z

Updated: 2024-09-16T17:03:40.553Z

Reserved: 2014-01-10T00:00:00Z

Link: CVE-2013-7289

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-01-10T16:47:05.473

Modified: 2014-02-25T02:01:16.477

Link: CVE-2013-7289

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object