|
294211
|
- |
|
qpw.famvanakkeren
|
quick_post_widget
|
Multiple cross-site scripting (XSS) vulnerabilities in Quick Post Widget plugin 1.9.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) Title, (2) Content, or (3…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4226
|
2024-11-21 10:42 |
2014-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294212
|
- |
|
microcart_project
|
microcart
|
Multiple cross-site scripting (XSS) vulnerabilities in Microcart 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO or (2) query string to _admin/index.php or (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4241
|
2024-11-21 10:42 |
2014-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294213
|
- |
|
tinymce
|
tinymce
|
The bbcode plugin in TinyMCE 3.5.8 does not properly enforce the TinyMCE security policy for the (1) encoding directive and (2) valid_elements attribute, which allows attackers to conduct cross-site …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4230
|
2024-11-21 10:42 |
2014-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294214
|
- |
|
cisco
|
nx-os
|
Directory traversal vulnerability in filesys in Cisco NX-OS 6.1(2) and earlier allows local users to access arbitrary files via crafted command-line arguments during a delete action, aka Bug IDs CSCt…
|
CWE-22
Path Traversal
|
CVE-2012-4135
|
2024-11-21 10:42 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294215
|
- |
|
cisco
|
nx-os
|
Directory traversal vulnerability in tar in Cisco NX-OS allows local users to access arbitrary files via crafted command-line arguments, aka Bug IDs CSCty07157, CSCty07159, CSCty07162, and CSCty07164.
|
CWE-22
Path Traversal
|
CVE-2012-4131
|
2024-11-21 10:42 |
2013-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294216
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM virtual-media data, which allows man-in-the-middle attackers to obtain sensitive information by sniffing…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4115
|
2024-11-21 10:42 |
2013-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294217
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not properly verify X.509 certificates, which allows man-in-the-middle attackers to watch SSL KVM video-channel traffic …
|
CWE-20
Improper Input Validation
|
CVE-2012-4117
|
2024-11-21 10:42 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294218
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) does not encrypt KVM media traffic, which allows remote attackers to obtain sensitive information, and consequently complete …
|
CWE-200
Information Exposure
|
CVE-2012-4116
|
2024-11-21 10:42 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294219
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect KVM module in Cisco Unified Computing System (UCS) does not encrypt video data, which allows man-in-the-middle attackers to watch KVM display content by sniffing the network o…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4114
|
2024-11-21 10:42 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294220
|
- |
|
cisco
|
unified_computing_system
|
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to gain privileges and read arbitrary files via crafted command parameters within the command-line interfa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4113
|
2024-11-21 10:42 |
2013-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
