|
291681
|
- |
|
wikidforum
|
wikidforum
|
Multiple SQL injection vulnerabilities in the advanced search in Wikidforum 2.10 allow remote attackers to execute arbitrary SQL commands via the (1) select_sort or (2) opt_search_select parameters. …
|
CWE-89
SQL Injection
|
CVE-2012-6520
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291682
|
- |
|
diy-cms
|
diy-cms
|
SQL injection vulnerability in modules/poll/index.php in DIY-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the start parameter to mod.php.
|
CWE-89
SQL Injection
|
CVE-2012-6519
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291683
|
- |
|
diy-cms
|
diy-cms
|
Cross-site request forgery (CSRF) vulnerability in mod.php in DiY-CMS 1.0 allows remote attackers to hijack the authentication of administrators for requests that create a poll via an add action to t…
|
CWE-352
Origin Validation Error
|
CVE-2012-6518
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291684
|
- |
|
diy-cms
|
diy-cms
|
Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) question parameter to in /modules/poll/add.php or (2) ques…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6517
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291685
|
- |
|
shawn_bradley
|
php_ticket_system
|
SQL injection vulnerability in PHP Ticket System Beta 1 allows remote attackers to execute arbitrary SQL commands via the q parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2012-6516
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291686
|
- |
|
rockwellautomation
|
guardlogix_controllers
compactlogix_controllers
1794-aentr_flex_i\/o_ethernet\/ip_adapter
flexlogix_1788-enbt_adapter
micrologix
guardlogix
1768-enbt
1756-enbt
compactlogix
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/…
|
CWE-399
Resource Management Errors
|
CVE-2012-6435
|
2024-11-21 10:46 |
2013-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
291687
|
- |
|
efrontlearning
|
efront
|
eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid courses_ID parameter in the lesson_info module to index.php, which reveals the insta…
|
CWE-200
Information Exposure
|
CVE-2012-6515
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291688
|
- |
|
netshinesoftware
|
com_netinvoice
|
Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income act…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6514
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291689
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site scripting (XSS) vulnerability in index.php/Admin_Preferences in gpEasy CMS 2.3.3 allows remote attackers to inject arbitrary web script or HTML via the jsoncallback parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6513
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291690
|
- |
|
organizer_project
|
organizer
|
The Organizer plugin 1.2.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors to (1) plugin_hook.php, (2) page/index.php, (3) page/dir.php (4) page/options.…
|
CWE-200
Information Exposure
|
CVE-2012-6512
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
