|
296321
|
- |
|
viscacha
|
viscacha
|
Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag p…
|
CWE-89
SQL Injection
|
CVE-2012-2908
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296322
|
- |
|
ishmael_sanchez
|
aberdeen
|
Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the brea…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2907
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296323
|
- |
|
artiphp
|
artiphp_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2906
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296324
|
- |
|
artiphp
|
artiphp_cms
|
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2905
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296325
|
- |
|
longtailvideo
|
jw_player
|
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2904
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296326
|
- |
|
chatelao
|
php_address_book
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2903
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296327
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows rem…
|
NVD-CWE-Other
|
CVE-2012-2902
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296328
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2901
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296329
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2411
|
2024-11-21 10:39 |
2012-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296330
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via…
|
NVD-CWE-Other
|
CVE-2012-2406
|
2024-11-21 10:39 |
2012-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
