Seditio Security Vulnerabilities and Issues — Seditio CVE List

Lucene search

NeocromeSeditio

3 matches found

CVE•added 2012/11/17 9:55 p.m.•29 views

CVE-2012-5916

Neocrome Seditio build 161 allows remote attackers to obtain sensitive information via a direct request to (1) docs/new/seditio-createnew-160.sql, (2) docs/upgrade/sedito_convert_to_utf8.optional.sql, or (3) system/install/install.parser.sql.

5CVSS6.4AI score0.0025EPSS

CVE•added 2012/11/17 9:55 p.m.•28 views

CVE-2012-5914

Multiple cross-site scripting (XSS) vulnerabilities in the sed_import function in system/functions.php in Neocrome Seditio build 160 and 161 allow remote attackers to inject arbitrary web script or HTML via the (1) newmsg or (2) rtext parameter. NOTE: some of these details are obtained from third p...

2.6CVSS5.9AI score0.00475EPSS

CVE•added 2012/11/17 9:55 p.m.•26 views

CVE-2012-5915

Neocrome Seditio build 161 and earlier allows remote attackers to obtain sensitive information via direct request to (1) view.php, (2) plugins/contact/lang/contact.en.lang.php, (3) system/lang/en/main.lang.php, (4) system/lang/en/message.lang.php, or (5) system/core/view/view.inc.php, which reveals...

5CVSS6.4AI score0.0025EPSS