|
295931
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 establishes multiple hardcoded accounts, which makes it easier for remote attackers to obtain administrative access by reading a password …
|
CWE-255
Credentials Management
|
CVE-2012-6428
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295932
|
- |
|
carlosgavazzi
|
eos-box_photovoltaic_monitoring_system_firmware
eos-box_photovoltaic_monitoring_system
|
Multiple SQL injection vulnerabilities in Carlo Gavazzi EOS-Box with firmware before 1.0.0.1080_2.1.10 allow remote attackers to execute arbitrary SQL commands via unspecified vectors, a similar issu…
|
CWE-89
SQL Injection
|
CVE-2012-6427
|
2024-11-21 10:46 |
2012-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295933
|
- |
|
vmware
|
vcenter_server_appliance
|
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2012-6325
|
2024-11-21 10:46 |
2012-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295934
|
- |
|
vmware
|
vcenter_server_appliance
|
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vector…
|
CWE-22
Path Traversal
|
CVE-2012-6324
|
2024-11-21 10:46 |
2012-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295935
|
- |
|
samsung
meizu
|
galaxy_note_2
mx
galaxy_s2
|
The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions (0666) for /dev/exynos-mem, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6422
|
2024-11-21 10:46 |
2012-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295936
|
- |
|
xen
|
xen
|
Multiple HVM control operations in Xen 3.4 through 4.2 allow local HVM guest OS administrators to cause a denial of service (physical CPU consumption) via a large input.
|
CWE-399
Resource Management Errors
|
CVE-2012-6333
|
2024-11-21 10:46 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295937
|
- |
|
simple_gmail_login
|
1.1.2
1.1.3
|
simple-gmail-login.php in the Simple Gmail Login plugin before 1.1.4 for WordPress allows remote attackers to obtain sensitive information via a request that lacks a timezone, leading to disclosure o…
|
CWE-200
Information Exposure
|
CVE-2012-6313
|
2024-11-21 10:46 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295938
|
- |
|
video-lead-form
|
uk-cookie
|
Cross-site scripting (XSS) vulnerability in the Video Lead Form plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the errMsg parameter in a video-lead-form actio…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6312
|
2024-11-21 10:46 |
2012-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295939
|
6.1 |
MEDIUM
Network
|
arc2_project
|
arc2
|
ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5873
|
2024-11-21 10:45 |
2023-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295940
|
9.8 |
CRITICAL
Network
|
arc2_project
|
arc2
|
ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause.
|
CWE-89
SQL Injection
|
CVE-2012-5872
|
2024-11-21 10:45 |
2023-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
