|
296601
|
- |
|
advantech
|
advantech_webaccess
|
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: t…
|
CWE-352
Origin Validation Error
|
CVE-2012-1235
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296602
|
- |
|
advantech
|
advantech_webaccess
|
SQL injection vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to execute arbitrary SQL commands via a malformed URL. NOTE: this vulnerability exists because of an…
|
CWE-89
SQL Injection
|
CVE-2012-1234
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296603
|
- |
|
pluck-cms
|
pluck
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in pluck 4.7 allow remote attackers to hijack the authentication of admins for requests that (1) modify the admin email address…
|
CWE-352
Origin Validation Error
|
CVE-2012-1227
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296604
|
- |
|
dolibarr
|
dolibarr_erp\/crm
|
Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file paramete…
|
CWE-22
Path Traversal
|
CVE-2012-1226
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296605
|
- |
|
dolibarr
|
dolibarr_erp\/crm
|
Multiple SQL injection vulnerabilities in Dolibarr CMS 3.2.0 Alpha and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) memberslist parameter (aka Member List) i…
|
CWE-89
SQL Injection
|
CVE-2012-1225
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296606
|
- |
|
contentlion
|
contentlion_alpha
|
Cross-site scripting (XSS) vulnerability in system/classes/login.php in ContentLion Alpha 1.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1224
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296607
|
- |
|
rabidhamster
|
r2\/extreme
|
RabidHamster R2/Extreme 1.65 and earlier uses a small search space of values for the PIN number, which allows remote attackers to obtain the PIN number via a brute force attack.
|
CWE-200
Information Exposure
|
CVE-2012-1223
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296608
|
- |
|
rabidhamster
|
r2\/extreme
|
Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1222
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296609
|
- |
|
rabidhamster
|
r2\/extreme
r2\/
|
Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command.
|
CWE-22
Path Traversal
|
CVE-2012-1221
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296610
|
- |
|
devincentiis
|
gazie
|
Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that c…
|
CWE-352
Origin Validation Error
|
CVE-2012-1220
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
