3 matches found
CVE-2012-4745
CVE-2012-4745 is an XSS vulnerability in Acuity CMS 2.6.2, exploitable via the UserName parameter in admin/login.asp. The NVD CVSS 2.0 base score is 4.3 (MEDIUM) with network access, no authentication, and client-side impact to integrity (partial) but no confidentiality/availability impact. Affec...
Acuity CMS 2.6.2 - '/admin/file_manager/browse.asp?path' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/53616/info Acuity CMS is prone to a directory-traversal vulnerability and an arbitrary-file-upload vulnerability. An attacker can exploit these issues to obtain sensitive information, to upload arbitrary code, and run it in the context of the webserver...
CVE-2005-4369
CVE-2005-4369 describes a cross-site scripting (XSS) vulnerability in Acuity CMS 2.6.2. The issue allows remote attackers to inject arbitrary web script or HTML through unspecified search parameters, potentially via strSearchKeywords to browse.asp. The NVD data lists a CVSS v2 base score of 4.3 (...