|
294601
|
- |
|
packetfence
|
packetfence
|
The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof us…
|
CWE-287
Improper Authentication
|
CVE-2012-4741
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294602
|
- |
|
packetfence
|
packetfence
|
Cross-site scripting (XSS) vulnerability in the captive portal in PacketFence before 3.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4740
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294603
|
- |
|
barracudanetworks
|
barracuda_ssl_vpn
|
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) r…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4739
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294604
|
- |
|
digium
|
asterisk
certified_asterisk
|
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4737
|
2024-11-21 10:43 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294605
|
- |
|
otrs
|
otrs
otrs_itsm
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4600
|
2024-11-21 10:43 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294606
|
- |
|
sophos
|
safeguard_enterprise
|
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFA…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4736
|
2024-11-21 10:43 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294607
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4686
|
2024-11-21 10:43 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294608
|
- |
|
arbornetworks
|
peakflow_sp
|
Cross-site scripting (XSS) vulnerability in Arbor Networks Peakflow SP 5.1.1 before patch 6, 5.5 before patch 4, and 5.6.0 before patch 1 allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4685
|
2024-11-21 10:43 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294609
|
- |
|
ioserver
|
ioserver
|
Directory traversal vulnerability in the XML Server in IOServer before 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote attackers to read arbitrary f…
|
CWE-22
Path Traversal
|
CVE-2012-4680
|
2024-11-21 10:43 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294610
|
- |
|
sourcefabric
|
newscoop
|
Cross-site scripting (XSS) vulnerability in admin/login.php in Newscoop before 3.5.5 allows remote attackers to inject arbitrary web script or HTML via the f_user_name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4679
|
2024-11-21 10:43 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
