Juan Ramon Osclass vulnerabilities
2 known vulnerabilities affecting juan_ramon/osclass.
Total CVEs: 2
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: MEDIUM 2
Vulnerabilities
CVE-2012-1617 | P3 | MEDIUM | CVSS 6.4 | PoC | ≤ 2.3.5, v1.1, +16 more | 2012-09-26
CVE-2012-1617 [MEDIUM] CWE-22
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability can be leveraged to upload arbitrary files.
nvd
CVE-2012-0974 | P4 | MEDIUM | CVSS 4.3 | PoC | ≤ 2.3.4, v1.1, +15 more | 2012-09-25
CVE-2012-0974 [MEDIUM] CWE-79
Multiple cross-site scripting (XSS) vulnerabilities in the getParam function in oc-includes/osclass/core/Params.php in OSClass before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) sCity, (2) sPattern, (3) sPriceMax, and (4) sPriceMin parameters in a search action to index.php.
nvd