CVE-2012-6508
- EPSS 0.41%
- Veröffentlicht 24.01.2013 01:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change arbitrary user passwords via a nouveau action in the security...
CVE-2012-6509
- EPSS 4.89%
- Veröffentlicht 24.01.2013 01:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
CVE-2012-6510
- EPSS 5.08%
- Veröffentlicht 24.01.2013 01:55:04
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting a new vehicle; (3) news title when creating news; ...
CVE-2010-3418
- EPSS 0.33%
- Veröffentlicht 16.09.2010 22:00:02
- Zuletzt bearbeitet 11.04.2025 00:51:21
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) car_id parameter to index.php and (2) y parameter to include/images.php.
CVE-2009-0395
- EPSS 0.28%
- Veröffentlicht 03.02.2009 01:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
SQL injection vulnerability in the login feature in NetArt Media Car Portal 1.0 allows remote attackers to execute arbitrary SQL commands via the (1) username and (2) password parameters.