|
296611
|
- |
|
freelancerkit
|
freelancerkit
|
Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit 2.35 allow remote attackers to inject arbitrary web script or HTML via the (1) ticket parameter to tickets.php, (2) title paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1219
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296612
|
- |
|
freelancerkit
|
freelancerkit
|
Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components.
|
CWE-89
SQL Injection
|
CVE-2012-1218
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296613
|
- |
|
zenphoto
|
zenphoto
|
Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in an external action to zp-core/admin.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0995
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296614
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList para…
|
CWE-89
SQL Injection
|
CVE-2012-0994
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296615
|
- |
|
zenphoto
|
zenphoto
|
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via …
|
CWE-94
Code Injection
|
CVE-2012-0993
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296616
|
- |
|
simhl
|
sths_v2_web_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web Portal 2.2 allow remote attackers to inject arbitrary web script or HTML via the team parameter to (1) prospects.php, (2) prospect.p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1217
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296617
|
- |
|
pbboard
|
pbboard
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 allow remote attackers to hijack the authentication of administrators for requests that (1) upload a file via …
|
CWE-352
Origin Validation Error
|
CVE-2012-1216
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296618
|
- |
|
yoono
|
yoono_for_firefox
|
Cross-site scripting (XSS) vulnerability in the Add friends module in the Yoono extension before 7.7.8 for Firefox allows remote attackers to inject arbitrary web script or HTML via the create field …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1215
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296619
|
- |
|
yoono
|
yoono_desktop
|
Cross-site scripting (XSS) vulnerability in the Add friends module in Yoono Desktop Application before 1.8.21 allows remote attackers to inject arbitrary web script or HTML via the create field in a …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1214
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296620
|
- |
|
nova-cms
|
nova_cms
|
Multiple PHP remote file inclusion vulnerabilities in Nova CMS allow remote attackers to execute arbitrary PHP code via a URL in the (1) fileType parameter to optimizer/index.php, (2) id parameter to…
|
CWE-94
Code Injection
|
CVE-2012-1200
|
2024-11-21 10:36 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
