Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5169

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-5169
Last Modified 01 Mar 2013 11:46:48
Published 22 Oct 2012 07:55:10
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5169

Summary

Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter.

Vulnerable Systems

Application

  • Atutor Acontent 1.2


References

MISC - https://www.htbridge.com/advisory/HTB23117

XF - acontent-previewtop-xss(79463)

BID - 56100

CONFIRM - http://update.atutor.ca/acontent/patch/1_2/

SECUNIA - 51034

BUGTRAQ - 20121017 Multiple vulnerabilities in AContent

OSVDB - 86426


Last Updated: 27 May 2016 10:53:40