|
296021
|
- |
|
oracle
mariadb
|
mysql
mariadb
|
Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection wh…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2012-5627
|
2024-11-21 10:45 |
2013-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296022
|
- |
|
moodle
|
moodle
|
repository/s3/S3.php in the Amazon S3 library in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 does not verify that the server hostname matches a domain name i…
|
CWE-20
Improper Input Validation
|
CVE-2012-6087
|
2024-11-21 10:45 |
2013-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296023
|
- |
|
cisco
|
wireless_control_system
prime_network_control_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Health Monitor Login pages in Cisco Prime Network Control System (NCS) and Wireless Control System (WCS) allow remote attackers to inject arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5990
|
2024-11-21 10:45 |
2013-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296024
|
- |
|
cisco
|
identity_services_engine_software
|
Multiple cross-site scripting (XSS) vulnerabilities in the guest portal in Cisco Identity Services Engine (ISE) Software allow remote attackers to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5744
|
2024-11-21 10:45 |
2013-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296025
|
- |
|
videolan
|
vlc_media_player
|
The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorre…
|
CWE-189
Numeric Errors
|
CVE-2012-5855
|
2024-11-21 10:45 |
2013-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296026
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capt…
|
CWE-310
Cryptographic Issues
|
CVE-2012-5936
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296027
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors …
|
CWE-89
SQL Injection
|
CVE-2012-5766
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296028
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6148
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296029
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated bac…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6147
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296030
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6145
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
