Skip to main content
CVE-2013-7262 MEDIUM This Month

SQL injection vulnerability in the msPostGISLayerSetTimeFilter function in mappostgis.c in MapServer before 6.4.1, when a WMS-Time service is used, allows remote attackers to execute arbitrary SQL. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

SQLi Mapserver
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2012-2898 MEDIUM This Month

Google Chrome before 21.0.1180.82 on iOS on iPad devices allows remote attackers to spoof the Omnibox URL via vectors involving SSL error messages, a related issue to CVE-2012-0674. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Apple Chrome
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2012-2899 MEDIUM This Month

Google Chrome before 21.0.1180.82 on iOS makes certain incorrect calls to WebView methods that trigger use of an applewebdata: URL, which allows remote attackers to bypass the Same Origin Policy and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Apple XSS Chrome
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy