|
292521
|
- |
|
mylittletools
|
mylittleadmin
|
Cross-site scripting (XSS) vulnerability in the management screen in myLittleTools myLittleAdmin for SQL Server 2000 allows remote attackers to inject arbitrary web script or HTML via vectors that tr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4015
|
2024-11-21 10:42 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292522
|
- |
|
mcafee
|
email_and_web_security
|
Unspecified vulnerability in McAfee Email Anti-virus (formerly WebShield SMTP) allows remote attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4014
|
2024-11-21 10:42 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292523
|
- |
|
moodle
|
moodle
|
course/reset.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 checks an update capability instead of a reset capability, which allows remote authenticated users to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4408
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292524
|
- |
|
moodle
|
moodle
|
lib/filelib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly check the publication state of blog files, which allows remote attackers to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2012-4407
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292525
|
- |
|
moodle
|
moodle
|
theme/yui_combo.php in Moodle 2.3.x before 2.3.2 does not properly construct error responses for the drag-and-drop script, which allows remote attackers to obtain the installation path by sending a r…
|
CWE-200
Information Exposure
|
CVE-2012-4403
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292526
|
- |
|
moodle
|
moodle
|
webservice/lib.php in Moodle 2.1.x before 2.1.8, 2.2.x before 2.2.5, and 2.3.x before 2.3.2 does not properly restrict the use of web-service tokens, which allows remote authenticated users to run ar…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4402
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292527
|
- |
|
moodle
|
moodle
|
Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended capability restrictions and perform certain topic changes by leveraging course-editing capabiliti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4401
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292528
|
- |
|
moodle
|
moodle
|
repository/repository_ajax.php in Moodle 2.2.x before 2.2.5 and 2.3.x before 2.3.2 allows remote authenticated users to bypass intended upload-size restrictions via a -1 value in the maxbytes field.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4400
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292529
|
- |
|
freedesktop
gtk
|
spice-gtk
libgio
|
libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS env…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4425
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292530
|
- |
|
openstack
|
keystone
|
OpenStack Keystone 2012.1.3 does not invalidate existing tokens when granting or revoking roles, which allows remote authenticated users to retain the privileges of the revoked roles.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4413
|
2024-11-21 10:42 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
