cleantalk
Vulnerabilities and Security Researches

eHive Account Details, CVE-2013-6837

CVE, Research URL

CVE-2013-6837

Home page URL

Security reports for eHive Account Details

Application

eHive Account Details

Published on
Dec 19, 2013
Research Description
Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted PATH_INTO to the default URI.
Affected versions
Min -, max 2.1.3.
Status
vulnerable
Previous vulnerability researches
eHive Account Details (5a1ac2bfb25451558629aa1cce94249ff4f9b6f4) , Jun 07, 2024
eHive Account Details (CVE-2013-6837) , Jun 07, 2024
New vulnerability
Printcart Web to Print Product Designer for WooCommerce (CVE-2025-47641) , May 20, 2025
Formality (CVE-2025-3858) , May 20, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP & AMP (CVE-2024-7759) , May 19, 2025