|
292651
|
- |
|
template_cms_project
|
template_cms
|
Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4901
|
2024-11-21 10:43 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292652
|
- |
|
mikejolley
|
download_monitor
|
Cross-site scripting (XSS) vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the d…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4768
|
2024-11-21 10:43 |
2014-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292653
|
- |
|
xnview
|
xnview
|
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image fi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4988
|
2024-11-21 10:43 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292654
|
- |
|
corel
|
quattro_pro_x6
|
The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NU…
|
NVD-CWE-Other
|
CVE-2012-4728
|
2024-11-21 10:43 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292655
|
- |
|
owncloud
|
owncloud
|
CRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.
|
NVD-CWE-Other
|
CVE-2012-5057
|
2024-11-21 10:43 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292656
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud Server before 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) readyCallback parameter to apps/files_odf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5056
|
2024-11-21 10:43 |
2014-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292657
|
- |
|
davistribe
|
google_doc_embedder
|
Directory traversal vulnerability in the Google Doc Embedder plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to libs/pdf.php.
|
CWE-22
Path Traversal
|
CVE-2012-4915
|
2024-11-21 10:43 |
2014-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292658
|
- |
|
cisco
|
ios
|
Cisco IOS before 15.3(1)T, when media flow-around is not used, allows remote attackers to cause a denial of service (media loops and stack memory corruption) via VoIP traffic, aka Bug ID CSCub45809.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5044
|
2024-11-21 10:43 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292659
|
- |
|
cisco
|
ios
catalyst_6500
catalyst_7600
|
The ACL implementation in Cisco IOS before 15.1(1)SY on Catalyst 6500 and 7600 devices allows local users to cause a denial of service (device reload) via a "no object-group" command followed by an o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5037
|
2024-11-21 10:43 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292660
|
- |
|
cisco
|
ios
|
The BGP Router process in Cisco IOS before 12.2(50)SY1 allows remote attackers to cause a denial of service (memory consumption) via vectors involving BGP path attributes, aka Bug ID CSCsw63003.
|
CWE-399
Resource Management Errors
|
CVE-2012-5039
|
2024-11-21 10:43 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
