ocean12_technologies 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
公開された問題は vendor risk sql injection and vendor risk cross-site scripting に関連することが多く、vendor surface production workloads and vendor surface software deployment の文脈で vendor impact session compromise and vendor impact data exposure などの暴露リスクを伴う場合があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2008-5980 | Ocean12 Mailing List Manager Gold stores sensitive data under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for o12mail.mdb. | [email protected] | 5.0 | 6.95% | 2009-01-27 | 2026-04-23 |
| CVE-2008-5979 | Cross-site scripting (XSS) vulnerability in default.asp in Ocean12 Mailing List Manager Gold allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | [email protected] | 4.3 | 4.30% | 2009-01-27 | 2026-04-23 |
| CVE-2008-5978 | Multiple SQL injection vulnerabilities in Ocean12 Mailing List Manager Gold allow remote attackers to execute arbitrary SQL commands via the Email parameter to (1) default.asp and (2) s_edit.asp. | [email protected] | 7.5 | 0.84% | 2009-01-27 | 2026-04-23 |
| CVE-2008-5130 | Ocean12 Calendar Manager Gold 2.04 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12cal.mdb. | [email protected] | 5.0 | 0.29% | 2008-11-18 | 2026-04-23 |
| CVE-2008-5129 | Ocean12 Poll Manager Pro 1.00 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12poll.mdb. | [email protected] | 5.0 | 0.29% | 2008-11-18 | 2026-04-23 |
| CVE-2008-5128 | Ocean12 Membership Manager Pro stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12member.mdb. | [email protected] | 5.0 | 0.29% | 2008-11-18 | 2026-04-23 |
| CVE-2008-5127 | Ocean12 Contact Manager Pro 1.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a direct request to o12con.mdb. | [email protected] | 5.0 | 0.42% | 2008-11-18 | 2026-04-23 |
| CVE-2006-2265 | Cross-site scripting vulnerability in admin/main.asp in Ocean12 Calendar Manager Pro 1.00 allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 2.6 | 4.45% | 2006-05-09 | 2026-04-16 |
| CVE-2006-2264 | Multiple SQL injection vulnerabilities in Ocean12 Calendar Manager Pro 1.00 allow remote attackers to execute arbitrary SQL commands via the (1) date parameter to admin/main.asp, (2) SearchFor parameter to admin/view.asp, or (3) ID parameter to admin/edit.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 6.5 | 0.74% | 2006-05-09 | 2026-04-16 |
| CVE-2005-4657 | Ocean12 Calendar Manager Pro 1.01 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to /admin/view.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | [email protected] | 7.5 | 2.06% | 2005-12-31 | 2026-04-16 |
| CVE-2005-1419 | SQL injection vulnerability in the admin login panel for Ocean12 Mailing List Manager 1.06 allows remote attackers to execute arbitrary SQL commands via the Admin_id parameter. | [email protected] | 7.5 | 0.65% | 2005-05-03 | 2026-04-16 |
| CVE-2005-1223 | Multiple SQL injection vulnerabilities in Ocean12 Calendar manager 1.01 allow remote attackers to execute arbitrary SQL commands via the Admin_id field. | [email protected] | 7.5 | 0.47% | 2005-05-02 | 2026-04-16 |
| CVE-2005-1095 | Cross-site scripting (XSS) vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to inject arbitrary web script or HTML via the page parameter. | [email protected] | 4.3 | 1.12% | 2005-05-02 | 2026-04-16 |
| CVE-2005-1096 | SQL injection vulnerability in main.asp for Ocean12 Membership Manager Pro 1.x allows remote attackers to execute arbitrary SQL commands via the UserID parameter. | [email protected] | 7.5 | 1.00% | 2005-04-06 | 2026-04-16 |