What is CVE-2014-9439?

CVE-2014-9439 is a vulnerability in Efssoft Easy_file_sharing_web_server, classified under Cross-site Scripting. Published 2015-01-02.

Is CVE-2014-9439 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

XSS in Efssoft Easy_file_sharing_web_server

CVE-2014-9439

Cross-site scripting (XSS) vulnerability in Easy File Sharing Web Server 6.8 allows remote attackers to inject arbitrary web script or HTML via the username field during registration, which is not properly handled by forum.ghp.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.012 (79.2th percentile) — read the EPSS interpretation.

Affected products

Efssoft Easy_file_sharing_web_server — versions 6.8
N/a — versions n/a

Weakness classification (CWE)

CWE-79 — Cross-site Scripting

Public proof-of-concept exploits

Parist0nH1ll/Vulnerabilities-Write-Ups

References

easyfilesharingg-username-xss(99532) (vdb-entry, x_refsource_XF)
35626 (exploit, x_refsource_EXPLOIT-DB)

Frequently asked questions

What is CVE-2014-9439?: CVE-2014-9439 is a vulnerability in Efssoft Easy_file_sharing_web_server, classified under Cross-site Scripting. Published 2015-01-02.
Is CVE-2014-9439 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.