|
292681
|
- |
|
sitracker
|
support_incident_tracker
|
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2235
|
2024-11-21 10:38 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292682
|
- |
|
ibm
|
lotus_quickr
|
Multiple stack-based buffer overflows in a certain ActiveX control in qp2.cab in IBM Lotus Quickr 8.2 before 8.2.0.27-002a for Domino allow remote attackers to execute arbitrary code via a long argum…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2176
|
2024-11-21 10:38 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292683
|
- |
|
adobe
|
illustrator
illustrator_cs5.5
|
Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-201…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2042
|
2024-11-21 10:38 |
2012-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292684
|
- |
|
tornadoweb
|
tornado
|
CRLF injection vulnerability in the tornado.web.RequestHandler.set_header function in Tornado before 2.2.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting…
|
CWE-20
Improper Input Validation
|
CVE-2012-2374
|
2024-11-21 10:38 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292685
|
- |
|
cypherpunks
|
pidgin-otr
|
Format string vulnerability in the log_message_cb function in otr-plugin.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 3.2.1 for Pidgin might allow remote attackers to execute arbi…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2012-2369
|
2024-11-21 10:38 |
2012-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292686
|
- |
|
schneider-electric
|
kerweb
kerwin
|
Multiple cross-site scripting (XSS) vulnerabilities in Schneider Electric Kerweb before 3.0.1 and Kerwin before 6.0.1 allow remote attackers to inject arbitrary web script or HTML via (1) the evtvari…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1990
|
2024-11-21 10:38 |
2012-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292687
|
- |
|
geoff_davies
|
contact_forms
|
The Contact Forms module 7.x-1.x before 7.x-1.2 for Drupal does not specify sufficiently restrictive permissions, which allows remote authenticated users with the "access the site-wide contact form" …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2340
|
2024-11-21 10:38 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292688
|
- |
|
nancy_wichmann
drupal
|
glossary
drupal
|
Cross-site scripting (XSS) vulnerability in the Glossary module 6.x-1.x before 6.x-1.8 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2339
|
2024-11-21 10:38 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292689
|
- |
|
johan_cwiklinski
|
galette
|
SQL injection vulnerability in includes/picture.class.php in Galette 0.63, 0.63.1, 0.63.2, 0.63.3, and 0.64rc1 allows remote attackers to execute arbitrary SQL commands via the id_adh parameter to pi…
|
CWE-89
SQL Injection
|
CVE-2012-2338
|
2024-11-21 10:38 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292690
|
- |
|
skincrafter
|
skincrafter
|
Buffer overflow in the InitLicenKeys function in a certain ActiveX control in SkinCrafter3_vs2005.dll in SkinCrafter 3.0 allows remote attackers to execute arbitrary code via a long string in the fir…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2271
|
2024-11-21 10:38 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
