CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-6505

Cross-site scripting (XSS) vulnerability in mods/hours/data/get_hours.php in PHP Volunteer Management 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the id parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.07

EPSS Ranking 91.0%

CVSS Severity

CVSS v2 Score 4.3

References

http://archives.neohapsis.com/archives/bugtraq/2012-04/0206.html
http://secunia.com/advisories/48988
http://www.exploit-db.com/exploits/18788
http://www.osvdb.org/81494
http://www.securityfocus.com/bid/53261
http://archives.neohapsis.com/archives/bugtraq/2012-04/0206.html
http://secunia.com/advisories/48988
http://www.exploit-db.com/exploits/18788
http://www.osvdb.org/81494
http://www.securityfocus.com/bid/53261

Products affected by CVE-2012-6505

Shawn Bradley » Php Volunteer Management » Version: 1.0.2

cpe:2.3:a:shawn_bradley:php_volunteer_management:1.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6505

Products

Pricing

Contact Us