|
296061
|
- |
|
jan_kara
|
linux_diskquota
|
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3417
|
2024-11-21 10:40 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296062
|
- |
|
libtiff
|
libtiff
|
The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows conte…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3401
|
2024-11-21 10:40 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296063
|
- |
|
redhat
|
certificate_system
dogtag_certificate_system
|
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with…
|
CWE-310
Cryptographic Issues
|
CVE-2012-3367
|
2024-11-21 10:40 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296064
|
- |
|
ushahidi
|
ushahidi_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) application/views/admin/layout.php and (2) themes/default/views/header.php in the Ushahidi Platform before 2.5 allow remote authenticated us…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3476
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296065
|
- |
|
ushahidi
|
ushahidi_platform
|
The installer in the Ushahidi Platform before 2.5 omits certain calls to the exit function, which allows remote attackers to obtain administrative privileges via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2012-3475
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296066
|
- |
|
ushahidi
|
ushahidi_platform
|
The comments API in application/libraries/api/MY_Comments_Api_Object.php in the Ushahidi Platform before 2.5 allows remote attackers to obtain sensitive information about the e-mail address, IP addre…
|
CWE-200
Information Exposure
|
CVE-2012-3474
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296067
|
- |
|
ushahidi
|
ushahidi_platform
|
The (1) reports API and (2) administration feature in the comments API in the Ushahidi Platform before 2.5 do not require authentication, which allows remote attackers to generate reports and organiz…
|
CWE-287
Improper Authentication
|
CVE-2012-3473
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296068
|
- |
|
ushahidi
|
ushahidi_platform
|
The email API in application/libraries/api/MY_Email_Api_Object.php in the Ushahidi Platform before 2.5 does not require authentication, which allows remote attackers to list, delete, or organize mess…
|
CWE-287
Improper Authentication
|
CVE-2012-3472
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296069
|
- |
|
ushahidi
|
ushahidi_platform
|
Multiple SQL injection vulnerabilities in the edit functions in (1) application/controllers/admin/reports.php and (2) application/controllers/members/reports.php in the Ushahidi Platform before 2.5 a…
|
CWE-89
SQL Injection
|
CVE-2012-3471
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296070
|
- |
|
ushahidi
|
ushahidi_platform
|
Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vector…
|
CWE-89
SQL Injection
|
CVE-2012-3470
|
2024-11-21 10:40 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
