Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1781

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-1781
Last Modified 20 Mar 2012 10:01:36
Published 19 Mar 2012 02:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1781

Summary

Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters.

Vulnerable Systems

Application

  • Socialcms 1.0.5


References

XF - socialcms-search-xss(73442)

BID - 52109

SECUNIA - 48082

MISC - http://packetstormsecurity.org/files/110043/SocialCMS-Cross-Site-Scripting-SQL-Injection.html

OSVDB - 79457


Last Updated: 27 May 2016 10:57:30