|
295171
|
- |
|
orangehrm
|
orangehrm
|
SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5259
|
2024-11-21 10:34 |
2013-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295172
|
- |
|
orangehrm
|
orangehrm
|
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.6.11.2 allow remote attackers to inject arbitrary web script or HTML via the (1) uniqcode or (2) isAdmin parameter to index.p…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5258
|
2024-11-21 10:34 |
2013-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295173
|
- |
|
redhat
|
jboss_enterprise_application_platform
jboss_enterprise_web_platform
jboss_enterprise_brms_platform
|
The NonManagedConnectionFactory in JBoss Enterprise Application Platform (EAP) 5.1.2 and 5.2.0, Web Platform (EWP) 5.1.2 and 5.2.0, and BRMS Platform before 5.3.1 logs the username and password in cl…
|
CWE-255
Credentials Management
|
CVE-2012-0034
|
2024-11-21 10:34 |
2013-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295174
|
- |
|
ibm
|
infosphere_information_server
infosphere_metadata_workbench
|
InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remot…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0205
|
2024-11-21 10:34 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295175
|
- |
|
ibm
|
infosphere_import_export_manager
infosphere_information_server
infosphere_information_server_metabrokers_\&_bridges
|
Untrusted search path vulnerability in InfoSphere Import Export Manager 8.1 through 9.1 in InfoSphere Information Server MetaBrokers & Bridges (MBB) in IBM InfoSphere Information Server 8.1, 8.5 befo…
|
NVD-CWE-Other
|
CVE-2012-0204
|
2024-11-21 10:34 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295176
|
- |
|
ibm
|
infosphere_information_server
infosphere_metadata_workbench
|
Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0203
|
2024-11-21 10:34 |
2013-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295177
|
- |
|
suse
|
webyast
|
SUSE WebYaST before 1.2 0.2.63-0.6.1 allows remote attackers to modify the hosts list, and subsequently conduct man-in-the-middle attacks, via a crafted /host request on TCP port 4984.
|
NVD-CWE-noinfo
|
CVE-2012-0435
|
2024-11-21 10:34 |
2013-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295178
|
- |
|
microfocus
|
edirectory
|
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0432
|
2024-11-21 10:34 |
2012-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295179
|
- |
|
microfocus
|
edirectory
|
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks vi…
|
NVD-CWE-noinfo
|
CVE-2012-0430
|
2024-11-21 10:34 |
2012-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295180
|
- |
|
microfocus
|
edirectory
|
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP …
|
NVD-CWE-Other
|
CVE-2012-0429
|
2024-11-21 10:34 |
2012-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
