|
294001
|
- |
|
wearepropeople
|
glossify_internal_links_auto_seo
|
Cross-site scripting (XSS) vulnerability in the Glossify Internal Links Auto SEO module for Drupal 6.x-2.5 and earlier allows remote authenticated users with certain roles to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2309
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294002
|
- |
|
tahiticlic
|
taxonomy_grid_catalog
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Grid : Catalog module for Drupal 6.x-1.6 and earlier allows remote authenticated users with certain permissions to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2308
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294003
|
- |
|
plaatsoft
|
addressbook
|
Cross-site request forgery (CSRF) vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vector…
|
CWE-352
Origin Validation Error
|
CVE-2012-2307
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294004
|
- |
|
drupal
|
drupal
|
SQL injection vulnerability in the Addressbook module for Drupal 6.x-4.2 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-2306
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294005
|
- |
|
justin_ellison
|
node_gallery
|
Cross-site request forgery (CSRF) vulnerability in the Node Gallery module for Drupal 6.x-3.1 and earlier allows remote attackers to hijack the authentication of certain users for requests that creat…
|
CWE-352
Origin Validation Error
|
CVE-2012-2305
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294006
|
- |
|
nancy_wichmann
|
sitedoc
|
Site Documentation (Sitedoc) module for Drupal 6.x-1.x before 6.x-1.4 does not properly check the save location when archiving, which allows remote attackers to obtain sensitive information via unspe…
|
CWE-200
Information Exposure
|
CVE-2012-2302
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294007
|
- |
|
janrain
|
rpx
|
The Janrain Engage (formerly RPX) module for Drupal 6.x-1.x. 6.x-2.x before 6.x-2.2, and 7.x-2.x before 7.x-2.2 stores user profile data from Engage in session tables, which might allow remote attack…
|
CWE-200
Information Exposure
|
CVE-2012-2296
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294008
|
- |
|
roy_marples
|
dhcpcd
|
Stack-based buffer overflow in the get_packet method in socket.c in dhcpcd 3.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2152
|
2024-11-21 10:38 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294009
|
- |
|
ibm
|
db2
|
Stack-based buffer overflow in the Java Stored Procedure infrastructure in IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote authenticated users to ex…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2197
|
2024-11-21 10:38 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294010
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP12, 9.5 through FP9, 9.7 through FP6, 9.8 through FP5, and 10.1 allows remote attackers to read arbitrary XML files via the (1) GET_WRAP_CFG_C or (2) GET_WRAP_CFG_C2 stored proce…
|
CWE-200
Information Exposure
|
CVE-2012-2196
|
2024-11-21 10:38 |
2012-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
