Vulnerabilities > Jcore

DATE CVE VULNERABILITY TITLE RISK
2012-10-22 CVE-2012-4232 SQL Injection vulnerability in Jcore 1.0
SQL injection vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to execute arbitrary SQL commands via the memberloginid cookie.
network
low complexity
jcore CWE-89
7.5
2012-10-22 CVE-2012-4231 Cross-Site Scripting vulnerability in Jcore 1.0
Cross-site scripting (XSS) vulnerability in admin/index.php in jCore before 1.0pre2 allows remote attackers to inject arbitrary web script or HTML via the path parameter.
network
jcore CWE-79
4.3