Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2012-5702
HistoryOct 21, 2014 - 2:00 p.m.

CVE-2012-5702

2014-10-2114:00:00
mitre
www.cve.org
2

5.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in dotProject before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via the (1) callback parameter in a color_selector action, (2) field parameter in a date_format action, or (3) company_name parameter in an addedit action to index.php. NOTE: the date parameter vector is already covered by CVE-2008-3886.

Related

prion 2
cve 2
nvd 2
openvas 1
cvelist 1
htbridge 1
packetstorm 1
securityvulns 2
prion
prion
Cross site scripting
2014-10-21 14:55:00
Cross site scripting
2008-09-02 15:41:00
cve
cve
CVE-2012-5702
2014-10-21 14:55:03
CVE-2008-3886
2008-09-02 15:41:00
nvd
nvd
CVE-2012-5702
2014-10-21 14:55:03
CVE-2008-3886
2008-09-02 15:41:00
openvas
openvas
dotProject Multiple XSS and SQLi Vulnerabilities
2008-09-02 00:00:00
cvelist
cvelist
CVE-2008-3886
2008-09-02 15:00:00
htbridge
htbridge
Multiple vulnerabilities in dotProject
2012-10-31 00:00:00
packetstorm
packetstorm
dotProject 2.1.6 Cross Site Scripting / SQL Injection
2012-11-21 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in dotProject
2012-12-10 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2012-12-10 00:00:00

5.6 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON
Related for CVELIST:CVE-2012-5702
prion2cve2nvd2openvas1cvelist1htbridge1packetstorm1securityvulns2