|
293371
|
- |
|
c2enterprise
|
c2_webresource
|
Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2013-0125
|
2024-11-21 10:46 |
2013-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293372
|
- |
|
zeroclipboard_project
|
zeroclipboard
|
Cross-site scripting (XSS) vulnerability in ZeroClipboard before 1.1.4 allows remote attackers to inject arbitrary web script or HTML via "the clipText returned from the flash object," a different vu…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6550
|
2024-11-21 10:46 |
2013-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293373
|
- |
|
coreftp
|
coreftp
|
Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1) DELE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0130
|
2024-11-21 10:46 |
2013-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293374
|
- |
|
novell
|
sentinel_log_manager
|
Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6534
|
2024-11-21 10:46 |
2013-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293375
|
- |
|
askia
|
askiaweb
|
Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to inject arbitrary web script or HTML via the (1) Number or (2) UpdatePag…
|
CWE-79
Cross-site Scripting
|
CVE-2013-0124
|
2024-11-21 10:46 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293376
|
- |
|
askia
|
askiaweb
|
Multiple SQL injection vulnerabilities in the administration interface in ASKIA askiaweb allow remote attackers to execute arbitrary SQL commands via (1) the nHistoryId parameter to WebProd/pages/pgH…
|
CWE-89
SQL Injection
|
CVE-2013-0123
|
2024-11-21 10:46 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293377
|
- |
|
verizon
|
fios_actiontec_mi424wr-gen31_router_firmware
fios_actiontec_mi424wr-gen31_router
|
Multiple cross-site request forgery (CSRF) vulnerabilities in index.cgi on the Verizon FIOS Actiontec MI424WR-GEN3I router with firmware 40.19.36 allow remote attackers to hijack the authentication o…
|
CWE-352
Origin Validation Error
|
CVE-2013-0126
|
2024-11-21 10:46 |
2013-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293378
|
- |
|
linux
|
linux_kernel
|
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from k…
|
CWE-200
Information Exposure
|
CVE-2012-6549
|
2024-11-21 10:46 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293379
|
- |
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The udf_encode_fh function in fs/udf/namei.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap m…
|
CWE-200
Information Exposure
|
CVE-2012-6548
|
2024-11-21 10:46 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293380
|
- |
|
linux
|
linux_kernel
|
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not initialize a certain structure, which allows local users to obtain sensitive information from kernel stack me…
|
CWE-200
Information Exposure
|
CVE-2012-6547
|
2024-11-21 10:46 |
2013-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
