CVE-2012-1416
- EPSS 1.12%
- Veröffentlicht 08.10.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:39:29
Multiple cross-site request forgery (CSRF) vulnerabilities in SocialCMS 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add administrator accounts via a member_new action to my_admin/admin1_members.ph...
CVE-2012-1982
- EPSS 0.78%
- Veröffentlicht 05.04.2012 14:55:05
- Zuletzt bearbeitet 16.06.2026 23:40:44
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title parameter in an edit action.
CVE-2012-1780
- EPSS 1.45%
- Veröffentlicht 19.03.2012 18:55:02
- Zuletzt bearbeitet 16.06.2026 23:40:17
SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2012-1781
- EPSS 1.21%
- Veröffentlicht 19.03.2012 18:55:02
- Zuletzt bearbeitet 16.06.2026 23:40:17
Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters.