|
296531
|
- |
|
tp-link
|
tl-wr841n_firmware
tl-wr841n
|
Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6316
|
2024-11-21 10:46 |
2014-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296532
|
- |
|
linux
novell
|
linux_kernel
suse_linux_enterprise_server
|
The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6657
|
2024-11-21 10:46 |
2014-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296533
|
- |
|
phorum
|
phorum
|
Cross-site scripting (XSS) vulnerability in the admin interface in Phorum before 5.2.19 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6659
|
2024-11-21 10:46 |
2014-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296534
|
- |
|
spiceworks
|
spiceworks
|
Multiple cross-site scripting (XSS) vulnerabilities in SpiceWorks 5.3.75941 allow remote attackers to inject arbitrary web script or HTML via the (1) syslocation, (2) syscontact, or (3) sysName confi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6658
|
2024-11-21 10:46 |
2014-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296535
|
- |
|
zpanelcp
|
zpanel
|
Multiple SQL injection vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) resetkey or (2) inConfEmail parameter to index.php, a differen…
|
CWE-89
SQL Injection
|
CVE-2012-6654
|
2024-11-21 10:46 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296536
|
- |
|
all_video_gallery_plugin_project
|
all_video_gallery_plugin
|
Unspecified vulnerability in the All Video Gallery (all-video-gallery) plugin before 1.2.0 for WordPress has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-6653
|
2024-11-21 10:46 |
2014-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296537
|
- |
|
vitamin_plugin_project
|
vitamin
|
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_head…
|
CWE-22
Path Traversal
|
CVE-2012-6651
|
2024-11-21 10:46 |
2014-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296538
|
- |
|
axway
|
email_firewall
secure_messenger
|
Axway Secure Messenger before 6.5 Updated Release 7, as used in Axway Email Firewall, provides different responses to authentication requests depending on whether the user exists, which allows remote…
|
CWE-287
Improper Authentication
|
CVE-2012-6452
|
2024-11-21 10:46 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296539
|
- |
|
linux
|
linux_kernel
|
The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2012-6647
|
2024-11-21 10:46 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296540
|
- |
|
gdm-guest-session_project
canonical
|
gdm-guest-session
ubuntu_linux
|
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04 LTS, 10.10, and 11.04, allows local users to delete arbitrary files via a space in the name of a file…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6648
|
2024-11-21 10:46 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
