|
294501
|
- |
|
ubbcentral
|
ubb.threads
|
Cross-site scripting (XSS) vulnerability in forums/ubbthreads.php in UBB.threads 7.5.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the Loginname parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5104
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294502
|
- |
|
dnelubin
|
gelinsguestbook
|
Multiple cross-site scripting (XSS) vulnerabilities in action/add-submit.php in Ggb Guestbook 0.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url or (2) message parame…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5103
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294503
|
- |
|
dariusz_handzlik
|
vertrigoserv
|
Cross-site scripting (XSS) vulnerability in inc/extensions.php in VertrigoServ 2.25 allows remote attackers to inject arbitrary web script or HTML via the ext parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5102
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294504
|
- |
|
jextensions
|
je_poll_component
|
SQL injection vulnerability in the JExtensions JE Poll component before 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-5101
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294505
|
- |
|
luizpicanco
|
hserver
|
Directory traversal vulnerability in HServer 0.1.1 allows remote attackers to read arbitrary files via a (1) ..%5c (dot dot encoded backslash) or (2) %2e%2e%5c (encoded dot dot backslash) in the PATH…
|
CWE-22
Path Traversal
|
CVE-2012-5100
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294506
|
- |
|
phpb2b
|
phpb2b
|
Cross-site scripting (XSS) vulnerability in list.php in PHPB2B 4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter in a search action.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5099
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294507
|
- |
|
j_waite
|
php-x-links
|
Multiple SQL injection vulnerabilities in Php-X-Links, possibly 1.0, allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to rate.php, (2) cid parameter to view.php, or (…
|
CWE-89
SQL Injection
|
CVE-2012-5098
|
2024-11-21 10:44 |
2012-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294508
|
6.5 |
MEDIUM
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could expl…
|
NVD-CWE-noinfo
|
CVE-2012-4818
|
2024-11-21 10:43 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294509
|
6.1 |
MEDIUM
Network
|
zenphoto
|
zenphoto
|
Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4519
|
2024-11-21 10:43 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294510
|
8.8 |
HIGH
Network
|
kde
redhat
|
kde
enterprise_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server_eus
|
The CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "ty…
|
CWE-843
Type Confusion
|
CVE-2012-4512
|
2024-11-21 10:43 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
