|
295021
|
- |
|
zakongroup
|
openconf
|
SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
|
NVD-CWE-noinfo
|
CVE-2012-1002
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295022
|
- |
|
tubeace
|
tube_ace
|
SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these deta…
|
CWE-89
SQL Injection
|
CVE-2012-1029
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295023
|
- |
|
simple-groupware
|
simplegroupware
|
Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parame…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1028
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295024
|
- |
|
project-open
|
\]project-open\[
|
Cross-site scripting (XSS) vulnerability in account-closed.tcl in ]project-open[ (aka ]po[) 3.4.x, 3.5.0.1-2, and possibly other versions allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1027
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295025
|
- |
|
johannes_ekberg
|
xray_cms
|
Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2012-1026
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295026
|
- |
|
dream-multimedia-tv
|
enigma2_webinterface
|
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2012-1025
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295027
|
- |
|
dream-multimedia-tv
|
enigma2_webinterface
|
Directory traversal vulnerability in file in Enigma2 Webinterface 1.5rc1 and 1.5beta4 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2012-1024
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295028
|
- |
|
4homepages
|
4images
|
Open redirect vulnerability in admin/index.php in 4images 1.7.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-1023
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295029
|
- |
|
4homepages
|
4images
|
SQL injection vulnerability in admin/categories.php in 4images 1.7.10 remote attackers to execute arbitrary SQL commands via the cat_parent_id parameter in an addcat action.
|
CWE-89
SQL Injection
|
CVE-2012-1022
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295030
|
- |
|
4homepages
|
4images
|
Cross-site scripting (XSS) vulnerability in admin/categories.php in 4images 1.7.10 allows remote attackers to inject arbitrary web script or HTML via the cat_parent_id parameter in an addcat action.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1021
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
