Vulnerabilities > Livezilla > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-02-14 | CVE-2013-7032 | Cross-Site Scripting vulnerability in Livezilla Multiple cross-site scripting (XSS) vulnerabilities in the web based operator client in LiveZilla before 5.1.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) name of an uploaded file or (2) customer name in a resource created from an uploaded file, a different vulnerability than CVE-2013-7003. | 4.3 |
| 2013-12-21 | CVE-2013-7002 | Cross-Site Scripting vulnerability in Livezilla Cross-site scripting (XSS) vulnerability in mobile/php/translation/index.php in LiveZilla before 5.1.1.0 allows remote attackers to inject arbitrary web script or HTML via the g_language parameter. | 4.3 |
| 2013-12-10 | CVE-2013-6224 | Cross-Site Scripting vulnerability in Livezilla Multiple cross-site scripting (XSS) vulnerabilities in LiveZilla before 5.1.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) a name in the call administrator feature, (2) unspecified vectors to the admins visitor information panel, or (3) a text message in a chat session, which is saved in the archive section. | 4.3 |
| 2010-12-30 | CVE-2010-4276 | Cross-Site Scripting vulnerability in Livezilla 3.2.0.2 Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript/jstrack.tpl in LiveZilla 3.2.0.2 allows remote attackers to inject arbitrary web script or HTML via the livezilla parameter in a track action to server.php. | 4.3 |
| 2009-12-29 | CVE-2009-4450 | Cross-Site Scripting vulnerability in Livezilla 3.1.8.3 Multiple cross-site scripting (XSS) vulnerabilities in map.php in LiveZilla 3.1.8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) lat, (2) lng, and (3) zom parameters, which are not properly handled when processed with templates/map.tpl. | 4.3 |