Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8752

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-8752
Last Modified 02 Jan 2015 08:31:30
Published 31 Dec 2014 04:59:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8752

Summary

Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter.

Vulnerable Systems

Application

  • Jce-tech Video Niche Script 4.0


References

BID - 71738

MISC - http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/

FULLDISC - 20141219 CVE-2014-8752 JCE-Tech "Video Niche Script" XSS (Cross-Site Scripting) Security Vulnerability


Last Updated: 27 May 2016 10:55:46