Unrated severityNVD Advisory· Published Sep 25, 2012· Updated Apr 29, 2026
CVE-2012-1293
CVE-2012-1293
Description
Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to or (2) from parameters.
Affected products
43cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*+ 42 more
- cpe:2.3:a:ulli_horlacher:fex:*:*:*:*:*:*:*:*range: <=20111129
- cpe:2.3:a:ulli_horlacher:fex:20110609:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110610:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110614:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110615:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110616:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110621:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110622:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110627:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110630:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110701:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110714:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110716:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110722:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110726:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110727:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110730:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110731:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110803:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110807:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110808:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110809:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110810:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110811:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110813:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110826:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110829:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110830:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110901:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110905:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110906:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110907:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110919:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110920:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110921:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20110930:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111003:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111005:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111013:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111028:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111102:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111108:*:*:*:*:*:*:*
- cpe:2.3:a:ulli_horlacher:fex:20111115:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- fex.rus.uni-stuttgart.de/fex.htmlnvdPatch
- www.openwall.com/lists/oss-security/2012/02/20/1nvdExploit
- secunia.com/advisories/47971nvdVendor Advisory
- archives.neohapsis.com/archives/bugtraq/2012-02/0109.htmlnvd
- archives.neohapsis.com/archives/bugtraq/2012-02/0112.htmlnvd
- osvdb.org/79420nvd
- www.debian.org/security/2012/dsa-2414nvd
- www.openwall.com/lists/oss-security/2012/02/20/8nvd
- www.openwall.com/lists/oss-security/2012/02/23/2nvd
- www.securityfocus.com/bid/52085nvd
News mentions
0No linked articles in our index yet.