|
291921
|
- |
|
djangoproject
|
django
|
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host…
|
CWE-20
Improper Input Validation
|
CVE-2012-4520
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291922
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4950
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291923
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4947
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291924
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4946
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291925
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue.
|
CWE-20
Improper Input Validation
|
CVE-2012-4945
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291926
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified …
|
NVD-CWE-Other
|
CVE-2012-4944
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291927
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-4943
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291928
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text fi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4942
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291929
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-4941
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291930
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4938
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
