CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-6644

Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.029

EPSS Ranking 85.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://osvdb.org/78193
http://osvdb.org/78194
http://osvdb.org/78195
http://osvdb.org/78196
http://osvdb.org/78197
http://osvdb.org/78198
http://osvdb.org/78199
http://osvdb.org/78200
http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt
http://secunia.com/advisories/47474
http://www.exploit-db.com/exploits/18341
http://www.securityfocus.com/bid/51321
https://exchange.xforce.ibmcloud.com/vulnerabilities/72245
http://osvdb.org/78193
http://osvdb.org/78194
http://osvdb.org/78195
http://osvdb.org/78196
http://osvdb.org/78197
http://osvdb.org/78198
http://osvdb.org/78199
http://osvdb.org/78200
http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt
http://secunia.com/advisories/47474
http://www.exploit-db.com/exploits/18341
http://www.securityfocus.com/bid/51321
https://exchange.xforce.ibmcloud.com/vulnerabilities/72245

Products affected by CVE-2012-6644

Clip-Bucket » Clipbucket » Version: 2.6

cpe:2.3:a:clip-bucket:clipbucket:2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6644

Products

Pricing

Contact Us