CVE-2012-3837
Published Jul 3, 2012
Last updated 12 years ago
Overview
- Description
- Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username, (2) email_address, (3) password, (4) password_verify, (5) firstname, (6) lastname, or (7) verification_code parameter to users/action/register. NOTE: some of these details are obtained from third party information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "33D1C938-6ADA-4B8E-A0CE-1B4029E4E4D4",
"versionEndIncluding": "1.2.0"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:0.90:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "166A9148-8ED7-49FC-A8B3-2FEE23968DB6"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:0.91:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F79B921-6FAD-43DD-A92C-A037E741E5E8"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:0.98:alpha:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A724AB8-8492-419B-8850-48B64C8C1643"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:0.99:beta:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4757C0A1-CCB8-4FAA-B081-F42B09666318"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "185D7CA6-57C7-4590-A1F4-90CCA1A2302B"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF6A49E2-1191-4FE0-A61E-421D441B3787"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CA1DC3F0-7EC8-49B0-A0B2-BE06F201E89D"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8646C5C6-1A9C-49E0-A25D-6BE6E47DB9A8"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0169F08E-12BD-401A-9DB5-1C6A9562A936"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7963826-7F30-4742-8C1C-74A5745E4C02"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "127FC1AC-935E-4B8A-B0A3-743D72D4B62F"
},
{
"criteria": "cpe:2.3:a:babygekko:baby_gekko:1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "827A1421-9971-4DA1-BC3D-A7C9B6F36497"
}
],
"operator": "OR"
}
]
}
]