Lucene search
High-Tech BridgeEDB-ID:37950HistoryOct 17, 2012 - 12:00 a.m.
jCore - '/admin/index.php?path' Cross-Site Scripting
2012-10-1700:00:00
High-Tech Bridge
www.exploit-db.com
20
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/56102/info
jCore is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker may exploit these issues to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
jCore 1.0pre and prior versions are vulnerable.
http://www.example.com/admin/?path=%27%20onmouseover%3dalert%28document.cookie%29%20%27 Related
nvd
nvd
CVE-2012-4231
2012-10-22 23:55:06
prion
prion
Cross site scripting
2012-10-22 23:55:00
cvelist
cvelist
CVE-2012-4231
2012-10-22 23:00:00
cve
cve
CVE-2012-4231
2012-10-22 23:55:06
htbridge
htbridge
Multiple vulnerabilities in jCore
2012-08-01 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in jCore
2012-10-22 00:00:00
zdt
zdt
jCore 1.0pre Cross Site Scripting / SQL Injection
2012-10-17 00:00:00
packetstorm
packetstorm
jCore 1.0pre Cross Site Scripting / SQL Injection
2012-10-18 00:00:00