|
295211
|
- |
|
segue_project
|
segue
|
Cross-site scripting (XSS) vulnerability in Segue 2.2.10.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1254
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295212
|
- |
|
opera
|
opera_browser
|
Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2012-1251
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295213
|
- |
|
logitech
|
lan-w300n\/ru2_firmware
|
Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1250
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295214
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 0.7, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via vectors involving an embed…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1253
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295215
|
- |
|
rssowl
|
rssowl
|
Cross-site scripting (XSS) vulnerability in RSSOwl before 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a feed, a different vulnerability than CVE-2006-4760.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1252
|
2024-11-21 10:36 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295216
|
- |
|
canonical
|
ubuntu_linux
|
The Apport hook in Update Manager as used by Ubuntu 12.04 LTS, 11.10, and 11.04 uploads certain system state archive files when reporting bugs to Launchpad, which allows remote attackers to read repo…
|
CWE-200
Information Exposure
|
CVE-2012-0949
|
2024-11-21 10:36 |
2012-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295217
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise_users
puppet_enterprise
|
Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3, when managing a user login file with the k5login resource type, allows local …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1054
|
2024-11-21 10:36 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295218
|
- |
|
puppet
puppetlabs
|
puppet
puppet_enterprise_users
puppet_enterprise
|
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1053
|
2024-11-21 10:36 |
2012-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295219
|
- |
|
zen-cart
|
zen_cart
|
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1413
|
2024-11-21 10:36 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295220
|
- |
|
php
|
php
|
The file-upload implementation in rfc1867.c in PHP before 5.4.0 does not properly handle invalid [ (open square bracket) characters in name values, which makes it easier for remote attackers to cause…
|
CWE-20
Improper Input Validation
|
CVE-2012-1172
|
2024-11-21 10:36 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
