|
294111
|
- |
|
flatnux
|
flatnux
|
Absolute path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/File…
|
CWE-22
Path Traversal
|
CVE-2012-4878
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294112
|
- |
|
flatnux
|
flatnux
|
Cross-site request forgery (CSRF) vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that a…
|
CWE-352
Origin Validation Error
|
CVE-2012-4877
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294113
|
- |
|
trendnet
|
securview_wireless_internet_camera_activex_control
securview_wireless_internet_camera
|
Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the Open…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4876
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294114
|
- |
|
artifex
|
gpl_ghostscript
|
Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4875
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294115
|
- |
|
awpcp
|
another_wordpress_classifieds_plugin
|
Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."
|
NVD-CWE-noinfo
|
CVE-2012-4874
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294116
|
- |
|
sir
|
gnuboard
|
Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4873
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294117
|
- |
|
kayako
|
kayako_fusion
|
Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako Fusion before 4.40.985 allows remote attackers to inject arbitrary web script or HTML via certain vectors, possibly a crafted tick…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4872
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294118
|
- |
|
litespeedtech
|
litespeed_web_server
|
Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gti…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4871
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294119
|
- |
|
sangoma
|
freepbx
|
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4870
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294120
|
- |
|
sangoma
|
freepbx
|
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
|
CWE-94
Code Injection
|
CVE-2012-4869
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
