|
296121
|
- |
|
chevereto
|
chevereto
|
Directory traversal vulnerability in Upload/engine.php in Chevereto 1.9.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) in the v parameter.
|
CWE-22
Path Traversal
|
CVE-2012-2919
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296122
|
- |
|
chevereto
|
chevereto
|
Cross-site scripting (XSS) vulnerability in Upload/engine.php in Chevereto 1.91 allows remote attackers to inject arbitrary web script or HTML via the v parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2918
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296123
|
- |
|
hp
|
business_service_management
|
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server compo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2561
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296124
|
- |
|
andrew_killen
|
share_and_follow
|
Cross-site scripting (XSS) vulnerability in the Share and Follow plugin 1.80.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the CDN API Key (cnd-key) in a share-an…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2917
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296125
|
- |
|
dlo
|
simple_anti_bot_registration_engine_plugin
|
Cross-site scripting (XSS) vulnerability in sabre_class_admin.php in the SABRE plugin before 2.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the active_option par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2916
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296126
|
- |
|
lattice_semiconductor
|
pac-designer
|
Stack-based buffer overflow in Lattice Semiconductor PAC-Designer 6.2.1344 allows remote attackers to execute arbitrary code via a long string in a Value tag in a SymbolicSchematicData definition tag…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2915
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296127
|
- |
|
unijimpe
|
captcha
|
Cross-site scripting (XSS) vulnerability in captchademo.php in Unijimpe Captcha allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2914
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296128
|
- |
|
mapsmarker
|
leaflet_maps_marker_plugin
|
Multiple cross-site scripting (XSS) vulnerabilities in the Leaflet plugin 0.0.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) leaflet_layer.p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2913
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296129
|
- |
|
kolja_schleich
|
leaguemanager
|
Multiple cross-site scripting (XSS) vulnerabilities in the LeagueManager plugin 3.7 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) group parameter in the show…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2912
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296130
|
- |
|
silisoftware
|
backupdb\(\)
|
Cross-site scripting (XSS) vulnerability in backupDB.php in SiliSoftware backupDB() 1.2.7a allows remote attackers to inject arbitrary web script or HTML via the onlyDB parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2911
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
