Openconf
by Zakon Group
CVEs (2)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2012-1002 | 0.03 | — | 0.02 | Feb 8, 2012 | SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | ||
| CVE-2005-0407 | 0.00 | — | 0.00 | May 2, 2005 | Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title. |
- CVE-2012-1002Feb 8, 2012risk 0.03cvss —epss 0.02
SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
- CVE-2005-0407May 2, 2005risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in Openconf 1.04, and possibly other versions before 1.10, allows remote attackers to inject arbitrary HTML and web script via the paper title.