|
293011
|
- |
|
eos.pe
|
siche_search_module
|
Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche search module 0.5 for Zeroboard allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4744
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293012
|
- |
|
eos.pe
|
siche_search_module
|
Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) categ…
|
CWE-89
SQL Injection
|
CVE-2012-4743
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293013
|
- |
|
packetfence
|
packetfence
|
The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4742
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293014
|
- |
|
packetfence
|
packetfence
|
The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof us…
|
CWE-287
Improper Authentication
|
CVE-2012-4741
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293015
|
- |
|
packetfence
|
packetfence
|
Cross-site scripting (XSS) vulnerability in the captive portal in PacketFence before 3.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4740
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293016
|
- |
|
barracudanetworks
|
barracuda_ssl_vpn
|
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) r…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4739
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293017
|
- |
|
digium
|
asterisk
certified_asterisk
|
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4737
|
2024-11-21 10:43 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293018
|
- |
|
otrs
|
otrs
otrs_itsm
|
Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x before 2.4.14, 3.0.x before 3.0.16, and 3.1.x before 3.1.10, when Firefox or Opera is used, allows remote…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4600
|
2024-11-21 10:43 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293019
|
- |
|
sophos
|
safeguard_enterprise
|
The Device Encryption Client component in Sophos SafeGuard Enterprise 6.0, when a volume-based encryption policy is enabled in conjunction with a user-defined key, does not properly block use of exFA…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4736
|
2024-11-21 10:43 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293020
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4686
|
2024-11-21 10:43 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
