|
294221
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.x and 3.x through 3.6.11, 3.7.x and 4.0.x before 4.0.8, 4.1.x and 4.2.x before 4.2.3, and 4.3.x before 4.3.3 stores potentially sensitive information under the web root with insufficient a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4747
|
2024-11-21 10:43 |
2012-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294222
|
- |
|
zte
|
zxdsl
|
Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change t…
|
CWE-352
Origin Validation Error
|
CVE-2012-4746
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294223
|
- |
|
the_collective
|
acuity_cms
|
Cross-site scripting (XSS) vulnerability in admin/login.asp in Acuity CMS 2.6.2 allows remote attackers to inject arbitrary web script or HTML via the UserName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4745
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294224
|
- |
|
eos.pe
|
siche_search_module
|
Cross-site scripting (XSS) vulnerability in ssearch.php in the Siche search module 0.5 for Zeroboard allows remote attackers to inject arbitrary web script or HTML via the search parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4744
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294225
|
- |
|
eos.pe
|
siche_search_module
|
Multiple SQL injection vulnerabilities in ssearch.php in Siche search module 0.5 for Zeroboard allow remote attackers to execute arbitrary SQL commands via the (1) ss, (2) sm, (3) align, or (4) categ…
|
CWE-89
SQL Injection
|
CVE-2012-4743
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294226
|
- |
|
packetfence
|
packetfence
|
The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4742
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294227
|
- |
|
packetfence
|
packetfence
|
The RADIUS extension in PacketFence before 3.3.0 uses a different user name than is used for authentication for users with custom VLAN assignment extensions, which allows remote attackers to spoof us…
|
CWE-287
Improper Authentication
|
CVE-2012-4741
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294228
|
- |
|
packetfence
|
packetfence
|
Cross-site scripting (XSS) vulnerability in the captive portal in PacketFence before 3.3.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4740
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294229
|
- |
|
barracudanetworks
|
barracuda_ssl_vpn
|
Multiple cross-site scripting (XSS) vulnerabilities in Barracuda SSL VPN before 2.2.2.203 (2012-07-05) allow remote attackers to inject arbitrary web script or HTML via the (1) policyLaunching, (2) r…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4739
|
2024-11-21 10:43 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294230
|
- |
|
digium
|
asterisk
certified_asterisk
|
channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4737
|
2024-11-21 10:43 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
