|
296081
|
- |
|
bloxx
|
web_filtering
|
Multiple cross-site scripting (XSS) vulnerabilities in Bloxx Web Filtering before 5.0.14 allow (1) remote attackers to inject arbitrary web script or HTML via web traffic that is examined within the …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2563
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296082
|
- |
|
siemens
|
wincc
|
Buffer overflow in the DiagAgent web server in Siemens WinCC 7.0 SP3 through Update 2 allows remote attackers to cause a denial of service (agent outage) via crafted input.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2598
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296083
|
- |
|
siemens
|
wincc
|
Multiple directory traversal vulnerabilities in Siemens WinCC 7.0 SP3 before Update 2 allow remote authenticated users to read arbitrary files via a crafted parameter in a URL.
|
CWE-22
Path Traversal
|
CVE-2012-2597
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296084
|
- |
|
siemens
|
wincc
|
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to …
|
CWE-94
Code Injection
|
CVE-2012-2596
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296085
|
- |
|
siemens
|
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2595
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296086
|
- |
|
collabnet
|
scrumworks
|
The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2603
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296087
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
|
CWE-89
SQL Injection
|
CVE-2012-2762
|
2024-11-21 10:39 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296088
|
- |
|
sensiolabs
|
symfony
|
Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate metho…
|
NVD-CWE-Other
|
CVE-2012-2667
|
2024-11-21 10:39 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296089
|
- |
|
bandainamcogames
|
madomagi-ip_android
|
The Puella Magi Madoka Magica iP application 1.05 and earlier for Android places cleartext Twitter credentials in a log file, which allows remote attackers to obtain sensitive information via a craft…
|
CWE-255
Credentials Management
|
CVE-2012-2630
|
2024-11-21 10:39 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296090
|
- |
|
networkupstools
|
nut
|
Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2944
|
2024-11-21 10:39 |
2012-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
