|
296981
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Em…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1992
|
2024-11-21 10:38 |
2012-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296982
|
- |
|
novell
|
zenworks_configuration_management
|
Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.
|
CWE-22
Path Traversal
|
CVE-2012-2215
|
2024-11-21 10:38 |
2012-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296983
|
- |
|
phpmyadmin
|
phpmyadmin
|
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the i…
|
CWE-200
Information Exposure
|
CVE-2012-1902
|
2024-11-21 10:38 |
2012-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296984
|
7.5 |
HIGH
Network
|
github
|
github
|
GitHub Enterprise before 20120304 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the public_key[user_id] value via a mod…
|
CWE-913
Improper Control of Dynamically-Managed Code Resources
|
CVE-2012-2055
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296985
|
- |
|
redmine
|
redmine
|
Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) Iss…
|
CWE-255
Credentials Management
|
CVE-2012-2054
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296986
|
- |
|
f5
|
firepass
|
The sudoers file in the Linux system configuration in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 does not require a password for executing commands as root, which allows local users to gain privileges…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2053
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296987
|
- |
|
socialcms
|
socialcms
|
Cross-site scripting (XSS) vulnerability in my_admin/admin1_list_pages.php in SocialCMS 1.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the TR_title par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1982
|
2024-11-21 10:38 |
2012-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296988
|
- |
|
privawall
|
privawall_antivirus
|
The scanner engine in PrivaWall Antivirus 5.6 and earlier does not recognize the Office XML (aka Open Document XML) file format, which allows remote attackers to bypass malware detection via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1907
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296989
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
mp4fformat.dll in the QuickTime File Format plugin in RealNetworks RealPlayer 15 and earlier, and RealPlayer SP 1.1.4 Build 12.0.0.756 and earlier, allows remote attackers to cause a denial of servic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1904
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296990
|
- |
|
opera
|
opera_browser
|
Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1931
|
2024-11-21 10:38 |
2012-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
