cbcvebase.
CVE-2013-5309
published 2013-08-16

CVE-2013-5309: Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows…

PriorityP48low2.6CVSS 2.0
AVNACHAuNCNIPAN
EPSS
1.21%
64.6th percentile
Cross-site scripting (XSS) vulnerability in install/forum_data/src/custom_fields.inc.t in FUDforum 3.0.4.1 and earlier, when registering a new user, allows remote attackers to inject arbitrary web script or HTML via a custom profile field to index.php. NOTE: some of these details are obtained from third party information.

Affected

57 ranges· showing 25
VendorProductVersion rangeFixed in
fudforumfudforum<= 3.0.4.1
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
fudforumfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
ilia_alshanetskyfudforum
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.