2 matches found
CVE-2012-1780
CVE-2012-1780 is a SQL injection vulnerability in SocialCMS 1.0.5, triggered through the category parameter in search.php. The vulnerability allows remote attackers to execute arbitrary SQL commands. The cited sources confirm the affected component and the injection vector, with no publicly docum...
CVE-2012-1781
CVE-2012-1781 affects SocialCMS 1.0.5. The vulnerability is multiple cross-site scripting (XSS) in ajax/commentajax.php, exploitable via the parameters TREF_email_address and TR_name , enabling remote attackers to inject arbitrary web script or HTML. The provided sources confirm the affected comp...