|
294341
|
- |
|
ricoh
|
sr10_ftp_server
dl-10
|
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5002
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294342
|
- |
|
hitachi
|
jp1\/cm2\/network_node_manager
|
Multiple unspecified vulnerabilities in Hitachi JP1/Cm2/Network Node Manager i before 09-50-03 allow remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified …
|
NVD-CWE-noinfo
|
CVE-2012-5001
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294343
|
- |
|
blueteck
|
witze_addon
|
SQL injection vulnerability in jokes/index.php in the Witze addon 0.9 for deV!L'z Clanportal allows remote attackers to execute arbitrary SQL commands via the id parameter in a show action.
|
CWE-89
SQL Injection
|
CVE-2012-5000
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294344
|
- |
|
mercurycom
|
mr804_firmware
mr804
|
Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (…
|
CWE-20
Improper Input Validation
|
CVE-2012-4999
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294345
|
- |
|
starcms
|
starcms
|
Cross-site scripting (XSS) vulnerability in index.php in starCMS allows remote attackers to inject arbitrary web script or HTML via the q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4998
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294346
|
- |
|
anecms
|
anecms
|
Directory traversal vulnerability in acp/index.php in AneCMS allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the p parameter.
|
CWE-22
Path Traversal
|
CVE-2012-4997
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294347
|
- |
|
rivetcode
|
rivettracker
|
Multiple SQL injection vulnerabilities in RivetTracker 1.03 and earlier allow remote attackers to execute arbitrary SQL commands via the hash parameter to (1) dltorrent.php or (2) torrent_functions.p…
|
CWE-89
SQL Injection
|
CVE-2012-4996
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294348
|
- |
|
limesurvey
|
limesurvey
|
Cross-site scripting (XSS) vulnerability in admin/userrighthandling.php in LimeSurvey before 1.91+ Build 120224 allows remote attackers to inject arbitrary web script or HTML via the full_name parame…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4995
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294349
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in admin/admin.php in LimeSurvey before 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NO…
|
CWE-89
SQL Injection
|
CVE-2012-4994
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294350
|
- |
|
rivetcode
|
rivettracker
|
torrent_functions.php in RivetTracker 1.03 and earlier does not properly restrict access, which allows remote attackers to have an unspecified impact.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4993
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
