openconstructor_project CVE Vulnerabilities & CVE List (4)

Products (CPE): — CVEs: 4

openconstructor_project vulnerability overview

Aggregates CVE and security vulnerability intelligence across all openconstructor_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure.

Vulnerability distribution trend (last 24 months)

Showing 14 of 4 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2012-3873 Multiple SQL injection vulnerabilities in Open Constructor 3.12.0 allow remote authenticated users to execute arbitrary SQL commands via the id parameter to (1) data/gallery/edit.php, (2) data/guestbook/edit.php, (3) data/file/edit.php, (4) data/htmltext/edit.php, (5) data/publication/edit.php, or (6) data/event/edit.php. [email protected] 6.5 0.94% 2012-12-28 2026-04-29
CVE-2012-3872 Multiple cross-site scripting (XSS) vulnerabilities in Open Constructor 3.12.0 allow remote attackers to inject arbitrary web script or HTML via (1) the result parameter to data/file/edit.php, (2) the q parameter to confirm.php, or (3) the keyword parameter to users/users.php. [email protected] 4.3 1.38% 2012-12-28 2026-04-29
CVE-2012-3871 Cross-site scripting (XSS) vulnerability in data/hybrid/i_hybrid.php in Open Constructor 3.12.0 allows remote authenticated users to inject arbitrary web script or HTML via the header parameter. [email protected] 3.5 0.80% 2012-12-28 2026-04-29
CVE-2012-3870 Multiple cross-site scripting (XSS) vulnerabilities in objects/createobject.php in Open Constructor 3.12.0 allow remote authenticated users to inject arbitrary web script or HTML via the (1) name or (2) description parameter. [email protected] 3.5 0.77% 2012-12-28 2026-04-29
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence