|
296141
|
- |
|
moodle
|
moodle
|
The webservices functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote authenticated users to bypass the deleted status and continue using a server via a…
|
CWE-16
Configuration
|
CVE-2012-0797
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296142
|
- |
|
moodle
|
moodle
|
class.phpmailer.php in the PHPMailer library, as used in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 and other products, allows remote authenticated use…
|
CWE-94
Code Injection
|
CVE-2012-0796
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296143
|
- |
|
moodle
|
moodle
|
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 does not validate e-mail address settings, which allows remote authenticated users to have an unspecified im…
|
CWE-20
Improper Input Validation
|
CVE-2012-0795
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296144
|
- |
|
moodle
|
moodle
|
The rc4encrypt function in lib/moodlelib.php in Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 uses a hardcoded password of nfgjeingjk, which makes it easi…
|
CWE-255
Credentials Management
|
CVE-2012-0794
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296145
|
- |
|
moodle
|
moodle
|
Moodle 1.9.x before 1.9.16, 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 allows remote attackers to view the profile images of arbitrary user accounts via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0793
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296146
|
- |
|
moodle
|
moodle
|
mod/forum/user.php in Moodle 1.9.x before 1.9.16 allows remote authenticated users to obtain the names and other details of arbitrary user accounts by searching for posts.
|
CWE-200
Information Exposure
|
CVE-2012-0792
|
2024-11-21 10:35 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296147
|
9.8 |
CRITICAL
Network
|
tiki
|
tikiwiki_cms\/groupware
|
TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/banners/bannerlib.php; (2) prin…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2012-0911
|
2024-11-21 10:35 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296148
|
- |
|
libexpat_project
python
debian
canonical
oracle
redhat
|
libexpat
python
debian_linux
ubuntu_linux
solaris
enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_desktop
storage
enter…
|
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a deni…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2012-0876
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296149
|
- |
|
fedoraproject
|
389_directory_server
|
The acllas__handle_group_entry function in servers/plugins/acl/acllas.c in 389 Directory Server before 1.2.10 does not properly handled access control instructions (ACIs) that use certificate groups,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0833
|
2024-11-21 10:35 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296150
|
- |
|
david_paleino
|
wicd
|
Wicd before 1.7.1 saves sensitive information in log files in /var/log/wicd, which allows context-dependent attackers to obtain passwords and other sensitive information.
|
CWE-255
Credentials Management
|
CVE-2012-0813
|
2024-11-21 10:35 |
2012-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
