CVE-2012-6508
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-6508
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change arbitrary user passwords via a nouveau action in the security module to cars/ADMIN/index.php; (2) create a user or (3) create a sub user via a sub_accounts action in the home module to USERS/index.php; or (4) change profile information via an edit action in the profile module to USERS/index.php.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NetArt Media Car Portal 多个跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NetArt Media Car Portal是一款基于WEB的应用程序。 NetArt Media Car Portal 3.0版本中存在多个跨站请求伪造漏洞。远程攻击者利用该漏洞将发送(1)通过安全模块中的nouveau操作传送到cars/ADMIN/index.php脚本,更改任意用户密码;通过home模块中sub_accounts传送到操作USERS/index.php脚本,(2)创建用户或(3)创建子用户或(4)通过配置模块中的编辑操作传送到USERS/index.php脚本,更改个人资料信息等
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-6508
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-6508
Please Login to view more intelligence information
- 🔗 http://www.vulnerability-lab.com/get_content.php?id=502x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2012-6508
Same Patch Batch · n/a · 2013-01-24 · 36 CVEs total
| CVE-2012-6513 | gpEasy ‘jsoncallback’参数跨站脚本漏洞 | |
| CVE-2012-6504 | PHP Volunteer Management SQL注入漏洞 | |
| CVE-2012-6505 | PHP Volunteer Management ‘mods/hours/data/get_hours.php’脚本跨站脚本漏洞 | |
| CVE-2012-6506 | WordPress ‘Zingiri Web Shop’ 跨站脚本漏洞 | |
| CVE-2012-6507 | ChurchCMS ‘admin.php’多个SQL注入漏洞 | |
| CVE-2012-6509 | NetArt Media Car Portal 任意文件上传漏洞 | |
| CVE-2012-6510 | NetArt Media Car Portal 多个跨站脚本漏洞 | |
| CVE-2012-6511 | WordPress organizer/page/users.php脚本多个跨站脚本漏洞 | |
| CVE-2012-6512 | WordPress Organizer插件安全漏洞 | |
| CVE-2012-6503 | Joomla! NinjaXplorer组件未明安全漏洞 | |
| CVE-2012-6514 | Joomla! ‘nBill’ 组件跨站脚本漏洞 | |
| CVE-2012-6515 | eFront 信息泄露漏洞 | |
| CVE-2012-6516 | PHP Ticket ‘p’ 参数SQL注入漏洞 | |
| CVE-2012-6517 | DiY-CMS 多个跨站脚本漏洞 | |
| CVE-2012-6518 | DiY-CMS mod.php脚本跨站请求伪造漏洞 | |
| CVE-2012-6519 | DIY-CMS modules/poll/index.php脚本SQL注入漏洞 | |
| CVE-2012-6520 | Wikidforum SQL注入漏洞 | |
| CVE-2012-6521 | Elefant CMS ‘id’参数跨站脚本漏洞 | |
| CVE-2013-1102 | Cisco Wireless LAN Controller 拒绝服务漏洞 | |
| CVE-2012-5669 | FreeType 越界读取漏洞 |
Showing top 20 of 36 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2012-6508
No comments yet