|
295991
|
- |
|
gentoo
|
webmin
|
file/edit_html.cgi in Webmin 1.590 and earlier does not perform an authorization check before showing a file's unedited contents, which allows remote attackers to read arbitrary files via the file fi…
|
CWE-287
Improper Authentication
|
CVE-2012-2983
|
2024-11-21 10:40 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295992
|
- |
|
gentoo
|
webmin
|
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
|
NVD-CWE-Other
|
CVE-2012-2982
|
2024-11-21 10:40 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295993
|
- |
|
gentoo
|
webmin
|
Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary Perl code via a crafted file associated with the type (aka monitor type name) parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-2981
|
2024-11-21 10:40 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295994
|
- |
|
f5
|
application_security_manager_appliance
|
Cross-site scripting (XSS) vulnerability in the traffic overview page on the F5 ASM appliance 10.0.0 through 11.2.0 HF2 allows remote attackers to inject arbitrary web script or HTML via crafted requ…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2975
|
2024-11-21 10:40 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295995
|
- |
|
ibm
|
tivoli_asset_management_for_it
smartcloud_control_desk
change_and_configuration_management_database
maximo_asset_management
maximo_service_desk
tivoli_service_request_manager
|
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3326
|
2024-11-21 10:40 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295996
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Ser…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3313
|
2024-11-21 10:40 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295997
|
- |
|
hp
|
business_availability_center
|
HP Business Availability Center (BAC) 8.07 allows remote authenticated users to hijack web sessions via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-3257
|
2024-11-21 10:40 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295998
|
- |
|
hp
|
business_availability_center
|
Cross-site request forgery (CSRF) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-3256
|
2024-11-21 10:40 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295999
|
- |
|
hp
|
business_availability_center
|
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 8.07 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3255
|
2024-11-21 10:40 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296000
|
- |
|
realflex
|
realwin
flexview
realwindemo
|
Multiple untrusted search path vulnerabilities in RealFlex RealWin before 2.1.13, FlexView before 3.1.86, and RealWinDemo before 2.1.13 allow local users to gain privileges via a Trojan horse (1) rea…
|
NVD-CWE-Other
|
CVE-2012-3004
|
2024-11-21 10:40 |
2012-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
