Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

23 matches found

EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2012-4176

Malware in sbrugna...

7.5CVSS6.2AI score0.00553EPSS
Exploits3References7
EUVD
EUVDadded 2025/10/07 12:30 a.m.1 views

EUVD-2012-4175

Malware in sbrugna...

4.3CVSS6.2AI score0.03321EPSS
Exploits3References8
Prion
Prionadded 2020/07/17 6:15 p.m.14 views

Design/Logic Flaw

jcore/portal/ajaxPortal.jsp in Jalios JCMS 10.0.2 build-20200224104759 allows XSS via the types parameter. Note: It is asserted that this vulnerability is not present in the standard installation of Jalios JCMS...

4.3CVSS5.9AI score0.0044EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2020/07/17 12:0 a.m.1 views

PT-2020-14459 · Jalios · Jalios Jcms

Name of the Vulnerable Software and Affected Versions: Jalios JCMS version 10.0.2 build-20200224104759 Description: The issue allows for XSS via the types parameter in the jcore/portal/ajaxPortal.jsp file. It is noted that this issue is not present in the standard installation of Jalios JCMS...

6.1CVSS5.8AI score0.0044EPSS
Exploits1References7
NVD
NVDadded 2012/10/22 11:55 p.m.7 views

CVE-2012-4232

SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie...

7.5CVSS8.3AI score0.00553EPSS
Exploits3References5
Prion
Prionadded 2012/10/22 11:55 p.m.9 views

Cross site scripting

Cross-site scripting XSS vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter...

4.3CVSS6.1AI score0.03321EPSS
Exploits3References6Affected Software1
Prion
Prionadded 2012/10/22 11:55 p.m.8 views

Sql injection

SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie...

7.5CVSS9AI score0.00553EPSS
Exploits3References5Affected Software1
CVE
CVEadded 2012/10/22 11:0 p.m.38 views

CVE-2012-4231

CVE-2012-4231 corresponds to an XSS flaw in jCore’s admin/index.php prior to 1.0pre2. The vulnerability arises from insufficient sanitization of the path parameter in the GET request, allowing an attacker to inject arbitrary HTML/Script that is executed in the victim’s browser (context of the aff...

4.3CVSS5.8AI score0.03321EPSS
Exploits3References6Affected Software1
CVE
CVEadded 2012/10/22 11:0 p.m.35 views

CVE-2012-4232

CVE-2012-4232 is a SQL Injection in jCore before 1.0pre2, exploitable via the cookie value memberloginid in /admin/index.php, allowing remote attackers to execute arbitrary SQL. Related advisory data also notes CVE-2012-4231 (XSS in path parameter) and that the vendor fixed the issue in a subsequ...

7.5CVSS8.6AI score0.00553EPSS
Exploits3References5Affected Software1
Cvelist
Cvelistadded 2012/10/22 11:0 p.m.14 views

CVE-2012-4232

SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie...

8.3AI score0.00553EPSS
Exploits3References5
Cvelist
Cvelistadded 2012/10/22 11:0 p.m.16 views

CVE-2012-4231

Cross-site scripting XSS vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter...

5.6AI score0.03321EPSS
Exploits3References6
securityvulns
securityvulnsadded 2012/10/22 12:0 a.m.50 views

Multiple vulnerabilities in jCore

Advisory ID: HTB23107 Product: jCore Vendor: jcore.net Vulnerable Versions: 1.0pre and probably prior Tested Version: 1.0pre Vendor Notification: August 1, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79 CVE References: CVE-2012-4231,...

7.5CVSS7.5AI score0.03321EPSS
Exploits4
Packet Storm
Packet Stormadded 2012/10/18 12:0 a.m.45 views

jCore 1.0pre Cross Site Scripting / SQL Injection

Advisory ID: HTB23107 Product: jCore Vendor: jcore.net Vulnerable Versions: 1.0pre and probably prior Tested Version: 1.0pre Vendor Notification: August 1, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79 CVE References: CVE-2012-4231,...

7.5CVSS0.2AI score0.03321EPSS
Exploits4
0day.today
0day.todayadded 2012/10/17 12:0 a.m.33 views

jCore 1.0pre Cross Site Scripting / SQL Injection

Exploit for php platform in category web applications Product: jCore Vendor: jcore.net Vulnerable Versions: 1.0pre and probably prior Tested Version: 1.0pre Vendor Notification: August 1, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-7...

7.1AI score0.03321EPSS
Exploits4
exploitpack
exploitpackadded 2012/10/17 12:0 a.m.15 views

jCore - adminindex.php?path Cross-Site Scripting

jCore - adminindex.php?path Cross-Site Scripting source: https://www.securityfocus.com/bid/56102/info jCore is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to ste...

6.8AI score
Exploits0
Exploit DB
Exploit DBadded 2012/10/17 12:0 a.m.24 views

jCore - '/admin/index.php?path' Cross-Site Scripting

source: https://www.securityfocus.com/bid/56102/info jCore is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to steal cookie-based authentication credentials,...

7.4AI score
Exploits0
htbridge
htbridgeadded 2012/08/01 12:0 a.m.35 views

Multiple vulnerabilities in jCore

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in jCore, which can be exploited to perform Cross-Site Scripting XSS and SQL Injection attacks. 1 SQL Injection in jCore: CVE-2012-4232 1.1 Input passed via the "memberloginid" COOKIE parameter to /admin/index.php is not...

7.5CVSS7AI score0.03321EPSS
Exploits4Affected Software1
exploitpack
exploitpackadded 2009/12/17 12:0 a.m.11 views

jCore - search Cross-Site Scripting

jCore - search Cross-Site Scripting source: https://www.securityfocus.com/bid/41748/info jCore is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...

6.8AI score
Exploits0
seebug.org
seebug.orgadded 2009/12/17 12:0 a.m.10 views

jCore CMS Cross Site Scripting Vulnerability

No description provided by source. Found: loneferret Vendor: jCore Site: http://www.jcore.net/home Software link: http://www.jcore.net/downloads Search page is vulnerable to cross-site scripting. Exploit: http://server/modules/search?search=xss here http://server/modules/search?search=/axss here...

7.1AI score
Exploits0
0day.today
0day.todayadded 2009/12/17 12:0 a.m.14 views

jCore CMS Cross Site Scripting Vulnerability

Exploit for unknown platform in category web applications ============================================ jCore CMS Cross Site Scripting Vulnerability ============================================ Found: loneferret Vendor: jCore Site: http://www.jcore.net/home Software link:...

7.1AI score
Exploits0
Rows per page
Query Builder