{"api_version":"1","generated_at":"2026-05-02T05:31:19+00:00","cve":"CVE-2012-6644","urls":{"html":"https://cve.report/CVE-2012-6644","api":"https://cve.report/api/cve/CVE-2012-6644.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2012-6644","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2012-6644"},"summary":{"title":"CVE-2012-6644","description":"Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2014-04-08 14:22:00","updated_at":"2017-08-29 01:32:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"http://www.securityfocus.com/bid/51321","name":"51321","refsource":"BID","tags":[],"title":"Malformed Request","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://osvdb.org/78193","name":"78193","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://osvdb.org/78194","name":"78194","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://osvdb.org/78196","name":"78196","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://secunia.com/advisories/47474","name":"47474","refsource":"SECUNIA","tags":[],"title":"Security Advisory SA47474 - ClipBucket Multiple Vulnerabilities - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/78198","name":"78198","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://osvdb.org/78195","name":"78195","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://osvdb.org/78200","name":"78199","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt","name":"http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt","refsource":"MISC","tags":[],"title":"Clip Bucket 2.6 Cross Site Scripting / SQL Injection ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.exploit-db.com/exploits/18341","name":"18341","refsource":"EXPLOIT-DB","tags":[],"title":"Clip Bucket 2.6 Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/78199","name":"78199","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72245","name":"clipbucket-multiple-xss(72245)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://osvdb.org/78197","name":"78197","refsource":"OSVDB","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2012-6644","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6644","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2012","cve_id":"6644","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clip-bucket","cpe5":"clipbucket","cpe6":"2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2012","cve_id":"6644","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clip-bucket","cpe5":"clipbucket","cpe6":"2.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2012-6644","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"78195","refsource":"OSVDB","url":"http://osvdb.org/78195"},{"name":"51321","refsource":"BID","url":"http://www.securityfocus.com/bid/51321"},{"name":"78194","refsource":"OSVDB","url":"http://osvdb.org/78194"},{"name":"78199","refsource":"OSVDB","url":"http://osvdb.org/78199"},{"name":"http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt","refsource":"MISC","url":"http://packetstormsecurity.org/files/108489/clipbucket-sqlxss.txt"},{"name":"78196","refsource":"OSVDB","url":"http://osvdb.org/78196"},{"name":"18341","refsource":"EXPLOIT-DB","url":"http://www.exploit-db.com/exploits/18341"},{"name":"78197","refsource":"OSVDB","url":"http://osvdb.org/78197"},{"name":"clipbucket-multiple-xss(72245)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72245"},{"name":"78193","refsource":"OSVDB","url":"http://osvdb.org/78193"},{"name":"78198","refsource":"OSVDB","url":"http://osvdb.org/78198"},{"name":"47474","refsource":"SECUNIA","url":"http://secunia.com/advisories/47474"},{"name":"78200","refsource":"OSVDB","url":"http://osvdb.org/78200"}]}},"nvd":{"publishedDate":"2014-04-08 14:22:00","lastModifiedDate":"2017-08-29 01:32:00","problem_types":["CWE-79"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE","baseScore":4.3},"severity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clip-bucket:clipbucket:2.6:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2012","CveId":"6644","Ordinal":"69653","Title":"CVE-2012-6644","CVE":"CVE-2012-6644","Year":"2012"},"notes":[{"CveYear":"2012","CveId":"6644","Ordinal":"1","NoteData":"Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.6 allow remote attackers to inject arbitrary web script or HTML via the (1) cat parameter to channels.php, (2) collections.php, (3) groups.php, or (4) videos.php; (5) query parameter to search_result.php; or (6) type parameter to view_collection.php or (7) view_item.php.","Type":"Description","Title":null},{"CveYear":"2012","CveId":"6644","Ordinal":"2","NoteData":"2014-04-08","Type":"Other","Title":"Published"},{"CveYear":"2012","CveId":"6644","Ordinal":"3","NoteData":"2017-08-28","Type":"Other","Title":"Modified"}]}}}