// For flags

CVE-2013-6808

 

Severity Score

4.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cross-site scripting (XSS) vulnerability in lib/NSSDropoff.php in ZendTo before 4.11-13 allows remote attackers to inject arbitrary web script or HTML via a modified emailAddr field to pickup.php.

Cross-site scripting (XSS) en lib / NSSDropoff.php en ZendTo anterior a 4,11-13, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un campo emailAddr modificado en pickup.php.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-11-19 CVE Reserved
  • 2013-12-28 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CAPEC
References (2)
URL Tag Source
http://www.zend.to/changelog.php X_refsource_confirm
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
<= 4.11-12
Search vendor "Zend" for product "Zendto" and version " <= 4.11-12"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.00
Search vendor "Zend" for product "Zendto" and version "4.00"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.01
Search vendor "Zend" for product "Zendto" and version "4.01"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.02
Search vendor "Zend" for product "Zendto" and version "4.02"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.03-3
Search vendor "Zend" for product "Zendto" and version "4.03-3"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.05-2
Search vendor "Zend" for product "Zendto" and version "4.05-2"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.06-2
Search vendor "Zend" for product "Zendto" and version "4.06-2"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.07-1
Search vendor "Zend" for product "Zendto" and version "4.07-1"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.08-4
Search vendor "Zend" for product "Zendto" and version "4.08-4"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.09-1
Search vendor "Zend" for product "Zendto" and version "4.09-1"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.10-4
Search vendor "Zend" for product "Zendto" and version "4.10-4"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.10-5
Search vendor "Zend" for product "Zendto" and version "4.10-5"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-1
Search vendor "Zend" for product "Zendto" and version "4.11-1"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-2
Search vendor "Zend" for product "Zendto" and version "4.11-2"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-3
Search vendor "Zend" for product "Zendto" and version "4.11-3"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-4
Search vendor "Zend" for product "Zendto" and version "4.11-4"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-5
Search vendor "Zend" for product "Zendto" and version "4.11-5"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-7
Search vendor "Zend" for product "Zendto" and version "4.11-7"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-8
Search vendor "Zend" for product "Zendto" and version "4.11-8"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-9
Search vendor "Zend" for product "Zendto" and version "4.11-9"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-10
Search vendor "Zend" for product "Zendto" and version "4.11-10"
-
Affected
Zend
Search vendor "Zend"
Zendto
Search vendor "Zend" for product "Zendto"
4.11-11
Search vendor "Zend" for product "Zendto" and version "4.11-11"
-
Affected