|
293091
|
- |
|
redhat
squirrelmail
|
enterprise_linux
squirrelmail
|
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial…
|
CWE-399
Resource Management Errors
|
CVE-2012-2124
|
2024-11-21 10:38 |
2013-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293092
|
- |
|
pizzashack
|
rssh
|
Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
|
NVD-CWE-Other
|
CVE-2012-2252
|
2024-11-21 10:38 |
2013-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293093
|
- |
|
pizzashack
|
rssh
|
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
|
CWE-20
Improper Input Validation
|
CVE-2012-2251
|
2024-11-21 10:38 |
2013-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293094
|
- |
|
apache
|
cxf
|
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2378
|
2024-11-21 10:38 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293095
|
- |
|
apache
|
cxf
|
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element …
|
NVD-CWE-noinfo
|
CVE-2012-2379
|
2024-11-21 10:38 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293096
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2253
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293097
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2247
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293098
|
- |
|
mahara
|
mahara
|
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.
|
CWE-20
Improper Input Validation
|
CVE-2012-2246
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293099
|
- |
|
mahara
|
mahara
|
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authent…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2244
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293100
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML by uploading an XML file with the xhtml ext…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2243
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
