| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-6691 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL injection attacks via the (1) status parameter to
|
27-07-2015 - 15:59 | 20-05-2015 - 18:59 | |
| CVE-2012-1665 | 7.5 |
Multiple SQL injection vulnerabilities in the admin panel in osCMax before 2.5.1 allow (1) remote attackers to execute arbitrary SQL commands via the username parameter in a process action to admin/login.php or (2) remote administrators to execute ar
|
21-05-2015 - 16:54 | 20-05-2015 - 18:59 | |
| CVE-2012-1664 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the admin panel in osCMax before 2.5.1 allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter in a process action to admin/login.php; (2) pageTitle, (3) curr
|
21-05-2015 - 16:53 | 20-05-2015 - 18:59 |