|
294911
|
- |
|
ammap_project
|
ammap
|
Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1302
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294912
|
- |
|
syndeocms
|
syndeocms
|
Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user acc…
|
CWE-352
Origin Validation Error
|
CVE-2012-1203
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294913
|
- |
|
robert_ancell
|
lightdm
|
lightdm before 1.0.9 does not properly close file descriptors before opening a child process, which allows local users to write to the lightdm log or have other unspecified impact.
|
CWE-200
Information Exposure
|
CVE-2012-1111
|
2024-11-21 10:36 |
2014-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294914
|
- |
|
yealink
|
ip_phone_sip-t19p
ultra-elegant_ip_phone_sip-t41p
ultra-elegant_ip_phone_sip-t48g
gigabit_color_ip_phone_sip-t32g
ultra-elegant_ip_phone_sip-t46g
ip_video_phone_vp530
ip_phone_sip-t…
|
Multiple cross-site scripting (XSS) vulnerabilities in Local Phone book and Blacklist form in Yealink VOIP Phones allow remote authenticated users to inject arbitrary web script or HTML via the user …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1417
|
2024-11-21 10:36 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294915
|
- |
|
siteseeker
episerver
|
euroling_siteseeker
episerver
|
Cross-site scripting (XSS) vulnerability in the Euroling SiteSeeker module 3.x before 3.4.5 for EPiServer allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1032
|
2024-11-21 10:36 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294916
|
- |
|
xoops
|
xoops
|
Multiple cross-site scripting (XSS) vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the (1) to_userid parameter to modules/pm/pmlite.php or the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0984
|
2024-11-21 10:36 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294917
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the req_spec_id param…
|
CWE-89
SQL Injection
|
CVE-2012-0939
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294918
|
- |
|
testlink
|
testlink
|
Multiple SQL injection vulnerabilities in TestLink 1.9.3, 1.8.5b, and earlier allow remote authenticated users with certain permissions to execute arbitrary SQL commands via the root_node parameter i…
|
CWE-89
SQL Injection
|
CVE-2012-0938
|
2024-11-21 10:36 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294919
|
- |
|
robert_ancell
canonical
|
lightdm
ubuntu_linux
|
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7, as used in Ubuntu Linux 11.10, allows local users to delete arbitrary files via a space in the name …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0943
|
2024-11-21 10:36 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294920
|
- |
|
canonical
|
ltsp_display_manager
ubuntu_linux
|
The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window.
|
CWE-78
OS Command
|
CVE-2012-1166
|
2024-11-21 10:36 |
2014-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
