|
296131
|
- |
|
silisoftware
|
phpthumb\(\)
|
Multiple cross-site scripting (XSS) vulnerabilities in SiliSoftware phpThumb() 1.7.11 allow remote attackers to inject arbitrary web script or HTML via the (1) dir parameter to demo/phpThumb.demo.ran…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2910
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296132
|
- |
|
viscacha
|
viscacha
|
Multiple cross-site scripting (XSS) vulnerabilities in Viscacha 0.8.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) text field in the Private Messages System, (2) Bad Wo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2909
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296133
|
- |
|
viscacha
|
viscacha
|
Multiple SQL injection vulnerabilities in admin/bbcodes.php in Viscacha 0.8.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) bbcodeexample, (2) buttonimage, or (3) bbcodetag p…
|
CWE-89
SQL Injection
|
CVE-2012-2908
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296134
|
- |
|
ishmael_sanchez
|
aberdeen
|
Cross-site scripting (XSS) vulnerability in the aberdeen_breadcrumb function in template.php in the Aberdeen theme 6.x-1.x before 6.x-1.11 for Drupal, when set to append the content title to the brea…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2907
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296135
|
- |
|
artiphp
|
artiphp_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in artpublic/recommandation/index.php in Artiphp CMS 5.5.0 Neo (r422) allow remote attackers to inject arbitrary web script or HTML via the (1) add…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2906
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296136
|
- |
|
artiphp
|
artiphp_cms
|
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2905
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296137
|
- |
|
longtailvideo
|
jw_player
|
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2904
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296138
|
- |
|
chatelao
|
php_address_book
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2903
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296139
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows rem…
|
NVD-CWE-Other
|
CVE-2012-2902
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296140
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2901
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
