|
296321
|
9.8 |
CRITICAL
Network
|
plixer
|
scrutinizer_netflow_\&_sflow_analyzer
|
Multiple SQL injection vulnerabilities in Plixer International Scrutinizer NetFlow & sFlow Analyzer 8.6.2.16204, and possibly other versions before 9.0.1.19899, allow remote attackers to execute arbi…
|
CWE-89
SQL Injection
|
CVE-2012-1259
|
2024-11-21 10:36 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296322
|
6.5 |
MEDIUM
Network
|
plixer
|
scrutinizer_netflow_\&_sflow_analyzer
|
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with admini…
|
CWE-287
Improper Authentication
|
CVE-2012-1258
|
2024-11-21 10:36 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296323
|
6.1 |
MEDIUM
Network
|
ldap-account-manager
fedoraproject
debian
|
ldap_account_manager
fedora
debian_linux
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1115
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296324
|
6.1 |
MEDIUM
Network
|
ldap-account-manager
fedoraproject
debian
|
ldap_account_manager
fedora
debian_linux
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1114
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296325
|
5.5 |
MEDIUM
Local
|
apereo
fedoraproject
debian
|
phpcas
fedora
debian_linux
|
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file…
|
CWE-200
Information Exposure
|
CVE-2012-1105
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296326
|
5.3 |
MEDIUM
Network
|
apereo
debian
|
phpcas
debian_linux
|
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.
|
CWE-269
Improper Privilege Management
|
CVE-2012-1104
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296327
|
6.1 |
MEDIUM
Network
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1001
|
2024-11-21 10:36 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296328
|
5.5 |
MEDIUM
Local
|
pidgin
|
pidgin
|
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2012-1257
|
2024-11-21 10:36 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296329
|
7.5 |
HIGH
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2012-1170
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296330
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
|
CWE-200
Information Exposure
|
CVE-2012-1169
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
