Filtered by vendor Pu-gh
Subscriptions
Filtered by product Sockso
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-10061 | 1 Pu-gh | 1 Sockso | 2025-11-22 | N/A |
| Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize user-supplied input. Attackers can traverse directories and access sensitive files outside the intended web root. | ||||
| CVE-2012-4267 | 1 Pu-gh | 1 Sockso | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter. | ||||
Page 1 of 1.