|
293031
|
- |
|
wordpress
|
wordpress
|
wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2403
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293032
|
- |
|
wordpress
|
wordpress
|
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2402
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293033
|
- |
|
moxiecode
wordpress
|
plupload
wordpress
|
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2401
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293034
|
- |
|
wordpress
|
wordpress
|
Unspecified vulnerability in wp-includes/js/swfobject.js in WordPress before 3.3.2 has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-2400
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293035
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFupload 2.2.0.1 and earlier, as used in WordPress before 3.5.2, TinyMCE Image Manager 1.1 and earlier, and other products allows remote …
|
NVD-CWE-noinfo
|
CVE-2012-2399
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293036
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in files/ajax/download.php in ownCloud before 3.0.3 allows remote attackers to inject arbitrary web script or HTML via the files parameter, a different vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2398
|
2024-11-21 10:39 |
2012-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293037
|
- |
|
owncloud
|
owncloud
|
Cross-site request forgery (CSRF) vulnerability in ownCloud before 3.0.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) se…
|
CWE-352
Origin Validation Error
|
CVE-2012-2397
|
2024-11-21 10:39 |
2012-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293038
|
- |
|
videolan
|
vlc_media_player
|
VideoLAN VLC media player 2.0.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted MP4 file.
|
NVD-CWE-Other
|
CVE-2012-2396
|
2024-11-21 10:39 |
2012-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293039
|
7.5 |
HIGH
Network
|
ibm
|
websphere_mq
|
IBM WebSphere MQ 7.1 is vulnerable to a denial of service, caused by an error when handling user ids. A remote attacker could exploit this vulnerability to bypass the security configuration setup on …
|
NVD-CWE-noinfo
|
CVE-2012-2201
|
2024-11-21 10:38 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293040
|
6.1 |
MEDIUM
Network
|
ibm
|
rational_change
|
IBM Rational Change 5.3 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the SUPP_TEMPLATE_FLAG pa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2160
|
2024-11-21 10:38 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
