|
293691
|
- |
|
stanislas_rolland
|
sr_feuser_register
|
The Front End User Registration (sr_feuser_register) extension before 2.6.2 for TYPO3 allows remote attackers to obtain user names and passwords via the (1) edit perspective or (2) autologin feature.
|
CWE-200
Information Exposure
|
CVE-2012-5890
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293692
|
- |
|
alex_kellner
|
powermail
|
Cross-site scripting (XSS) vulnerability in the powermail extension before 1.6.5 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5889
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293693
|
- |
|
benjamin_mack
|
seo_basics
|
Cross-site scripting (XSS) vulnerability in Basic SEO Features (seo_basics) extension before 0.8.2 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5888
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293694
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with …
|
CWE-287
Improper Authentication
|
CVE-2012-5887
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293695
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session …
|
CWE-287
Improper Authentication
|
CVE-2012-5886
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293696
|
- |
|
apache
|
tomcat
|
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka clien…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5885
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293697
|
- |
|
uk-cookie_project
|
uk-cookie
|
Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka uk-cookie) plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5856
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293698
|
- |
|
mozilla
|
bugzilla
|
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSO…
|
CWE-200
Information Exposure
|
CVE-2012-5884
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293699
|
- |
|
mozilla
yahoo
|
bugzilla
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x an…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5883
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293700
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploade…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5882
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
