|
294951
|
- |
|
ubercart
|
ubercart
|
Multiple cross-site scripting (XSS) vulnerabilities in the Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal allow remote authenticated users with the administer product cl…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2300
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294952
|
- |
|
ubercart
|
ubercart
|
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive informat…
|
CWE-255
Credentials Management
|
CVE-2012-2299
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294953
|
- |
|
drupal
nancy_wichmann
|
realname
|
Multiple cross-site scripting (XSS) vulnerabilities in the RealName module 6.x-1.x before 6.x-1.5 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) "…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2298
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294954
|
- |
|
piwigo
|
piwigo
|
Multiple cross-site scripting (XSS) vulnerabilities in admin.php in Piwigo before 2.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) section parameter in the configuratio…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2209
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294955
|
- |
|
piwigo
|
piwigo
|
Directory traversal vulnerability in upgrade.php in Piwigo before 2.3.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.
|
CWE-22
Path Traversal
|
CVE-2012-2208
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294956
|
- |
|
spip
|
spip
|
Multiple cross-site scripting (XSS) vulnerabilities in SPIP 1.9.x before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 allow remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2151
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294957
|
- |
|
net-snmp
|
net-snmp
|
Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and…
|
NVD-CWE-Other
|
CVE-2012-2141
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294958
|
- |
|
python
canonical
debian
|
python
ubuntu_linux
debian_linux
|
The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive in…
|
NVD-CWE-Other
|
CVE-2012-2135
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294959
|
- |
|
larry_garfield
|
autosave
|
Cross-site request forgery (CSRF) vulnerability in the Autosave module 6.x before 6.x-2.10 and 7.x-2.x before 7.x-2.0 for Drupal allows remote attackers to hijack the authentication of arbitrary user…
|
CWE-352
Origin Validation Error
|
CVE-2012-2097
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294960
|
- |
|
lullabot
|
fivestar_module_for_drupal
|
The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not properly validate voting data, which allows remote attackers to manipulate voting averages via a negative value in the vote parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-2096
|
2024-11-21 10:38 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
