CVE-2014-5113

Visualware Myconnection Server - XSS

Title source: rule

Description

Multiple cross-site scripting (XSS) vulnerabilities in test.php in Visualware MyConnection Server 9.7i allow remote attackers to inject arbitrary web script or HTML via the (1) testtype, (2) ver, (3) cm, (4) map, (5) lines, (6) pps, (7) bpp, (8) codec, (9) provtext, (10) provtextextra, (11) provlink, or (12) duration parameter.

References (3)

[Exploit] http://packetstormsecurity.com/files/127545/MyConnection-Server-MCS-9.7i-Cross-Site-Scripting.html

[Exploit] http://treadstonesecurity.blogspot.ca/2014/07/myconnection-server-mcs-reflective-xss.html

[Exploit] http://www.securityfocus.com/bid/68793

Scores

EPSS 0.0033

EPSS Percentile 55.9%

Details

CWE

CWE-79

Status published

Products (2)

visualware/myconnection_server

n/a/n/a

Published Jul 28, 2014

Tracked Since Feb 18, 2026