|
294351
|
- |
|
flashfxp
|
flashfxp
|
Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4992
|
2024-11-21 10:43 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294352
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe 2.3.x before 2.3.13 and 2.4.x before 2.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted string t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4968
|
2024-11-21 10:43 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294353
|
- |
|
mozilla
google
|
firefox
chrome
|
The SPDY protocol 3 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can perform TLS encryption of compressed data without properly obfuscating the length of the unencrypte…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4930
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294354
|
- |
|
debian
mozilla
google
|
debian_linux
firefox
chrome
|
The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4929
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294355
|
- |
|
oxwall
|
oxwall
|
Cross-site scripting (XSS) vulnerability in ow_updates/index.php in Oxwall 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the plugin parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4928
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294356
|
- |
|
limesurvey
|
limesurvey
|
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2012-4927
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294357
|
- |
|
imgpals
|
img_pals_photo_host
|
approve.php in Img Pals Photo Host 1.0 does not authenticate requests, which allows remote attackers to change the activation of administrators via the u parameter in an (1) app0 (disable) or (2) app…
|
CWE-287
Improper Authentication
|
CVE-2012-4926
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294358
|
- |
|
imgpals
|
img_pals_photo_host
|
Multiple SQL injection vulnerabilities in approve.php in Img Pals Photo Host 1.0 allow remote attackers to execute arbitrary SQL commands via the u parameter in a (1) app0 or (2) app1 action. NOTE: …
|
CWE-89
SQL Injection
|
CVE-2012-4925
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294359
|
- |
|
asus
|
net4switch
ipswcom_activex_component
|
Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Aler…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4924
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294360
|
- |
|
endian
|
firewall
|
Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule para…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4923
|
2024-11-21 10:43 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
