Filtered by vendor Ocean12 Technologies
Subscribe
Total
14 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5128 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12member.mdb. | |||||
| CVE-2008-5127 | 1 Ocean12 Technologies | 1 Contact Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ocean12 Contact Manager Pro 1.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12con.mdb. | |||||
| CVE-2008-5979 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | |||||
| CVE-2008-5129 | 1 Ocean12 Technologies | 1 Poll Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12poll.mdb. | |||||
| CVE-2008-5980 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb. | |||||
| CVE-2008-5978 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | |||||
| CVE-2008-5130 | 1 Ocean12 Technologies | 1 Calendar Manager | 2024-02-28 | 5.0 MEDIUM | N/A |
| Ocean12 Calendar Manager Gold 2.04 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12cal.mdb. | |||||
| CVE-2005-4657 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2024-02-28 | 7.5 HIGH | N/A |
| Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1223 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2024-02-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field. | |||||
| CVE-2005-1096 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | |||||
| CVE-2006-2265 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2024-02-28 | 2.6 LOW | N/A |
| Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1419 | 1 Ocean12 Technologies | 1 Mailing List Manager | 2024-02-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. | |||||
| CVE-2006-2264 | 1 Ocean12 Technologies | 1 Calendar Manager Pro | 2024-02-28 | 6.5 MEDIUM | N/A |
| Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2005-1095 | 1 Ocean12 Technologies | 1 Membership Manager Pro | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | |||||