cleantalk
Vulnerabilities and Security Researches

eHive Account Details, CVE-2013-6837

CVE, Research URL

CVE-2013-6837

Home page URL

Security reports for eHive Account Details

Application

eHive Account Details

Published on
Dec 19, 2013
Research Description
Cross-site scripting (XSS) vulnerability in the setTimeout function in js/jquery.prettyPhoto.js in prettyPhoto 3.1.4 and earlier allows remote attackers to inject arbitrary web script or HTML via a crafted PATH_INTO to the default URI.
Affected versions
Min -, max 2.1.3.
Status
vulnerable
Previous vulnerability researches
WP Easy Gallery – WordPress Gallery Plugin (CVE-2024-9018) , Oct 01, 2024
WP Easy Gallery – WordPress Gallery Plugin (ab07689cea09dc1b31a6168441b576a38459ecee) , Jun 07, 2024
WP Easy Gallery – WordPress Gallery Plugin (CVE-2013-6837) , Jun 07, 2024
WP Easy Gallery – WordPress Gallery Plugin (CVE-2024-8436) , Sep 25, 2024
WP Easy Gallery – WordPress Gallery Plugin (CVE-2024-8437) , Sep 25, 2024
New vulnerability
Able Player, accessible HTML5 media player (CVE-2025-3752) , May 02, 2025
WP Statistics (CVE-2025-3953) , May 01, 2025
Calculated Fields Form (CVE-2024-12273) , May 01, 2025
Admin and Site Enhancements (ASE) (CVE-2024-13688) , Apr 30, 2025
WordPress Simple Shopping Cart (CVE-2025-3529) , Apr 30, 2025