Filtered by vendor Arc2 Project Subscriptions
Filtered by product Arc2 Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2012-5873 1 Arc2 Project 1 Arc2 2024-11-21 5.3 Medium
ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action.
CVE-2012-5872 1 Arc2 Project 1 Arc2 2024-11-21 9.8 Critical
ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause.