2 matches found
CVE-2012-4269
Summary of CVE-2012-4269 : The vulnerability is an unrestricted file upload in eFront 3.6.11. According to the sources, remote authenticated users could execute arbitrary code by uploading a file with an executable extension via an attachment in a message. The CVSS data in the NVD entry indicates...
CVE-2012-4270
CVE-2012-4270 describes a Cross-site scripting (XSS) vulnerability in eFront 3.6.11 where remote authenticated users can inject arbitrary script/HTML via the subject field of a message. The NVD entry lists a low base score (CVSSv2 3.5) with network access and user interaction not required, but au...