VYPR
Unrated severityNVD Advisory· Published Jan 31, 2013· Updated Jun 16, 2026

CVE-2012-6523

CVE-2012-6523

Description

Multiple cross-site scripting (XSS) vulnerabilities in w-CMS 2.01 allow remote attackers to inject arbitrary web script or HTML via (1) the p parameter in the getMenus function in codes/wcms.php; or the COMMENT parameter in (2) blog.php, (3) guestbook.php, or (4) forum.php in codes/. NOTE: some of these details are obtained from third party information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • W CMS/W CMS2 versions
    cpe:2.3:a:w-cms:w-cms:2.01:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:w-cms:w-cms:2.01:*:*:*:*:*:*:*
    • (no CPE)range: =2.01

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.