Stone-Ware Webnetwork vulnerabilities
4 known vulnerabilities affecting stone-ware/webnetwork.
Total CVEs
4
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2012-0286P4MEDIUMCVSS 6.8PoC≤ 6.0.7.0v6.0.5.02012-01-24
CVE-2012-0286 [MEDIUM] CWE-352 CVE-2012-0286: Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote
Cross-site request forgery (CSRF) vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to hijack the authentication of unspecified victims for requests that modify user accounts.
nvd
CVE-2012-0912P3HIGHCVSS 7.5≤ 6.0.7.0v6.0.5.02012-01-24
CVE-2012-0912 [HIGH] CWE-89 CVE-2012-0912: SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execut
SQL injection vulnerability in Stoneware webNetwork before 6.0.8.0 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
nvd
CVE-2012-0285P4MEDIUMCVSS 4.3PoC≤ 6.0.7.0v6.0.5.02012-01-24
CVE-2012-0285 [MEDIUM] CWE-79 CVE-2012-0285: Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow rem
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork before 6.0.8.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2012-4352P4MEDIUMCVSS 4.3v6.12013-02-18
CVE-2012-4352 [MEDIUM] CWE-79 CVE-2012-4352: Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow rem
Multiple cross-site scripting (XSS) vulnerabilities in Stoneware webNetwork 6.1 before SP1 allow remote attackers to inject arbitrary web script or HTML via the blogName parameter to (1) community/blog.jsp or (2) community/blogSearch.jsp, the (3) calendarType or (4) monthNumber parameter to community/calendar.jsp, or the (5) flag parameter to swDashboa
nvd