Search
Find a vulnerability
Search criteria
2 vulnerabilities found for video_niche_script by jce-tech
CVE-2014-8752 (GCVE-0-2014-8752)
Vulnerability from nvd – Published: 2014-12-31 21:00 – Updated: 2024-08-06 13:26
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://tetraph.com/security/cves/cve-2014-8752-jc… | x_refsource_MISC |
| http://www.securityfocus.com/bid/71738 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2014/Dec/84 | mailing-listx_refsource_FULLDISC |
Date Public
2014-12-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-31T20:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/",
"refsource": "MISC",
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8752",
"datePublished": "2014-12-31T21:00:00.000Z",
"dateReserved": "2014-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:26:02.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8752 (GCVE-0-2014-8752)
Vulnerability from cvelistv5 – Published: 2014-12-31 21:00 – Updated: 2024-08-06 13:26
VLAI
Summary
Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://tetraph.com/security/cves/cve-2014-8752-jc… | x_refsource_MISC |
| http://www.securityfocus.com/bid/71738 | vdb-entryx_refsource_BID |
| http://seclists.org/fulldisclosure/2014/Dec/84 | mailing-listx_refsource_FULLDISC |
Date Public
2014-12-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:26:02.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-12-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-12-31T20:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-8752",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in view.php in JCE-Tech PHP Video Script (aka Video Niche Script) 4.0 allow remote attackers to inject arbitrary web script or HTML via the (1) video or (2) title parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/",
"refsource": "MISC",
"url": "http://tetraph.com/security/cves/cve-2014-8752-jce-tech-video-niche-script-xss-cross-site-scripting-security-vulnerability/"
},
{
"name": "71738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71738"
},
{
"name": "20141219 CVE-2014-8752 JCE-Tech \"Video Niche Script\" XSS (Cross-Site Scripting) Security Vulnerability",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Dec/84"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-8752",
"datePublished": "2014-12-31T21:00:00.000Z",
"dateReserved": "2014-10-13T00:00:00.000Z",
"dateUpdated": "2024-08-06T13:26:02.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}