|
297911
|
- |
|
mediawiki
|
mediawiki
|
Session fixation vulnerability in the CentralAuth extension for MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the centrala…
|
NVD-CWE-Other
|
CVE-2012-5395
|
2024-11-21 10:44 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297912
|
- |
|
mediawiki
|
mediawiki
|
Session fixation vulnerability in Special:UserLogin in MediaWiki before 1.18.6, 1.19.x before 1.19.3, and 1.20.x before 1.20.1 allows remote attackers to hijack web sessions via the session_id.
|
NVD-CWE-Other
|
CVE-2012-5391
|
2024-11-21 10:44 |
2014-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297913
|
- |
|
dancer
|
dancer
|
CRLF injection vulnerability in the cookie method (lib/Dancer/Cookie.pm) in Dancer before 1.3114 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks v…
|
CWE-20
Improper Input Validation
|
CVE-2012-5572
|
2024-11-21 10:44 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297914
|
- |
|
mate-desktop
|
mate-settings-daemon
|
The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone for the system via a crafted D-Bus call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5560
|
2024-11-21 10:44 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297915
|
- |
|
theforeman
|
foreman
|
The smart proxy in Foreman before 1.1 uses a umask set to 0, which allows local users to modify files created by the daemon via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5477
|
2024-11-21 10:44 |
2014-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297916
|
- |
|
cisco
|
ios
|
Cisco IOS Unified Border Element (CUBE) in Cisco IOS before 15.3(2)T allows remote authenticated users to cause a denial of service (input queue wedge) via a crafted series of RTCP packets, aka Bug I…
|
CWE-20
Improper Input Validation
|
CVE-2012-5427
|
2024-11-21 10:44 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297917
|
- |
|
cisco
|
ios
as5400_universal_gateway
as5400hpx_universal_gateway
as5400xm_media_gateway
as5400xm_universal_gateway
|
Unspecified vulnerability in Cisco IOS before 15.3(2)T on AS5400 devices allows remote authenticated users to cause a denial of service (spurious errors) via unknown vectors, aka Bug ID CSCub61009.
|
NVD-CWE-noinfo
|
CVE-2012-5422
|
2024-11-21 10:44 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297918
|
- |
|
horde
|
groupware
kronolith_h4
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.18, as used in Horde Groupware Webmail Edition before 4.0.9, allow remote attackers to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5567
|
2024-11-21 10:44 |
2014-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297919
|
- |
|
horde
|
kronolith_h4
groupware
|
Multiple cross-site scripting (XSS) vulnerabilities in Horde Kronolith Calendar Application H4 before 3.0.17, as used in Horde Groupware Webmail Edition before 4.0.8, allow remote attackers to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5566
|
2024-11-21 10:44 |
2014-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297920
|
- |
|
horde
|
imp
groupware
|
Cross-site scripting (XSS) vulnerability in js/compose-dimp.js in Horde Internet Mail Program (IMP) before 5.0.24, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5565
|
2024-11-21 10:44 |
2014-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
