CVE-2012-5225

EPSS 4.18% · P89 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2012-5225

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart 1.0.1 and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the shopping_url parameter.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

xClick Cart ‘shopping_url’参数跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

xClick Cart中的webscr.php中存在跨站脚本漏洞，该漏洞源于对用户提供的输入未经正确过滤。攻击者可利用该漏洞在受影响站点上下文的不知情用户浏览器上执行任意脚本代码，盗取基于cookie的认证证书进而发起其他攻击。 xClick Cart 1.0.1与1.0.2版本中存在该漏洞，其他版本中也可能受到影响。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2012-5225

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2012-5225

Please Login to view more intelligence information

http://packetstormsecurity.org/files/view/109126/xclickcart-xss.txtx_refsource_MISC
http://st2tea.blogspot.com/2012/01/xclick-cart-cross-site-scripting.htmlx_refsource_MISC
http://www.securityfocus.com/bid/51699vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/72768vdb-entryx_refsource_XF
https://nvd.nist.gov/vuln/detail/CVE-2012-5225

Same Patch Batch · n/a · 2012-10-01 · 49 CVEs total

CVE-2012-4427		GNOME gnome-shell插件任意代码执行漏洞
CVE-2012-4450		389 Directory Server 访问绕过漏洞
CVE-2012-1588		Drupal 文本过滤系统资源管理错误漏洞
CVE-2012-2240		Debian devscripts ‘scripts/dscverify.pl’任意命令执行漏洞
CVE-2012-2241		Debian devscripts ‘scripts/dget.pl’任意文件删除漏洞
CVE-2012-2242		Debian devscripts ‘scripts/dget.pl’输入验证漏洞
CVE-2012-3500		devscripts 任意文件修改漏洞
CVE-2012-4429		Vino 信息泄露漏洞
CVE-2012-2153		Drupal 权限许可和访问控制漏洞
CVE-2012-4432		OptiPNG 释放后使用漏洞
CVE-2012-4437		Smarty ‘SmartyException’类跨站脚本漏洞
CVE-2012-4415		Guacamole libguac 缓冲区溢出漏洞
CVE-2012-4833		IBM AIX/VIOS fuser 权限许可和访问控制问题漏洞
CVE-2012-4830		IBM WebSphere Commerce 未明安全漏洞
CVE-2012-3319		IBM Rational Business Developer 信息泄露漏洞
CVE-2012-3035		Emerson DeltaV 缓冲区错误漏洞
CVE-2012-0748		IBM Rational Team Concert 多个跨站请求伪造漏洞
CVE-2012-5232		Joomla! ‘Quickl Form’ 组件未明跨站脚本漏洞
CVE-2012-5231		miniCMS多个安全漏洞
CVE-2012-5230		JE Story Submit 未明安全漏洞

Showing top 20 of 49 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2012-5225

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2012-5225

I. Basic Information for CVE-2012-5225

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2012-5225

III. Intelligence Information for CVE-2012-5225

Same Patch Batch · n/a · 2012-10-01 · 49 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2012-5225

Leave a comment