CVE-2012-6555
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2012-6555
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the LatestComment plugin 1.1 for Vanilla Forums allows remote attackers to inject arbitrary web script or HTML via the discussion title.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Vanilla Forums ‘LatestComment’ 插件HTML注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Vanilla Forums是加拿大Vanilla Forums公司的一款基于PHP的开源论坛程序。 Vanilla Forums的LatestComment插件中存在HTML注入漏洞,该漏洞源于对用户提供的输入未经过滤。攻击者提供的HTML和JavaScript代码可在受影响站点上下文中运行,可能允许攻击者盗取基于cookie的认证证书或者控制网站传达给用户的方式,也可能执行其他的攻击。LatestComment 1.1版本中存在该漏洞,其他版本也可能受到影响。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2012-6555
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2012-6555
Please Login to view more intelligence information
- 🔗 http://www.henryhoggard.co.uk/security/191/x_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2012-6555
Same Patch Batch · n/a · 2013-05-23 · 17 CVEs total
| CVE-2011-4518 | PROMOTIC 目录遍历漏洞 | |
| CVE-2011-4519 | MICROSYS PROMOTIC ActiveX组件缓冲区溢出漏洞 | |
| CVE-2011-4520 | MICROSYS PROMOTIC ActiveX组件缓冲区溢出漏洞 | |
| CVE-2012-4697 | TURCK BL20/BL67 FTP Service Hardcoded Credentials 安全绕过漏洞 | |
| CVE-2012-6553 | Resource Hacker 堆缓冲区溢出漏洞 | |
| CVE-2012-6554 | activeCollab Chat模块远程PHP代码执行漏洞 | |
| CVE-2012-6556 | Vanilla Forums ‘FirstLastNames’ 多个跨站脚本漏洞 | |
| CVE-2012-6557 | Vanilla Forums ‘AboutMe’ 插件多个跨站脚本漏洞 | |
| CVE-2012-6558 | HeavenTools PE Explorer 缓冲区溢出漏洞 | |
| CVE-2012-6559 | FreeNAC 多个跨站脚本漏洞 | |
| CVE-2012-6560 | FreeNAC ‘deviceadd.php’SQL注入漏洞 | |
| CVE-2012-6561 | Elgg 跨站脚本漏洞 | |
| CVE-2012-6562 | Elgg ‘engine/lib/access.php’安全绕过漏洞 | |
| CVE-2012-6563 | Elgg ‘engine/lib/access.php’安全绕过漏洞 | |
| CVE-2013-1204 | Cisco IOS XR SNMP进程内存泄露漏洞 | |
| CVE-2013-2781 | 3S CODESYS Gateway 释放后重用漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem - CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin
V. Comments for CVE-2012-6555
No comments yet