|
296931
|
- |
|
mediafront
|
mediafront
|
Multiple cross-site scripting (XSS) vulnerabilities in the "stand alone PHP application for the OSM Player," as used in the MediaFront module 6.x-1.x before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Dru…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1647
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296932
|
- |
|
wimleers
|
cdn
|
The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future expiration" option enabled, allows remote attackers to read arbitrary PHP files via unspecified ve…
|
CWE-200
Information Exposure
|
CVE-2012-1645
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296933
|
- |
|
gizra
|
og_vocab
|
The Organic Groups (OG) Vocabulary module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with certain administrator permissions to modify the vocabularies of other groups via uns…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1644
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296934
|
- |
|
jason_savino
|
fp
|
The Faster Permissions module 7.x-2.x before 7.x-1.2 for Drupal does not check the "administer permissions" permission, which allows remote attackers to modify access permissions via unspecified vect…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1643
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296935
|
- |
|
yaml-fuer-drupal
|
linkchecker
|
includes/linkchecker.pages.inc in the Link checker module 6.x-2.x before 6.x-2.5 for Drupal does not properly enforce access permissions on broken links, which allows remote attackers to obtain sensi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1642
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296936
|
- |
|
danielb
|
finder
|
The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1641
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296937
|
- |
|
rik_de_boer
|
revisioning
|
The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1635
|
2024-11-21 10:37 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296938
|
- |
|
debian
|
cifs-utils
|
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error messag…
|
CWE-200
Information Exposure
|
CVE-2012-1586
|
2024-11-21 10:37 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296939
|
- |
|
ez
|
ezjscore
|
Cross-site scripting (XSS) vulnerability in the textEncode function in classes/ezjscajaxcontent.php in eZ JS Core in eZ Publish before 1.5 allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1597
|
2024-11-21 10:37 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296940
|
- |
|
openstack
|
nova
|
OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.
|
CWE-399
Resource Management Errors
|
CVE-2012-1585
|
2024-11-21 10:37 |
2012-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
