|
293371
|
- |
|
paypal
|
merchant_sdk
|
The PayPal merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2012-5787
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293372
|
- |
|
apache
|
cxf
|
The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF before 2.7.0 does not verify that the server hostname matches a domain name in the s…
|
CWE-20
Improper Input Validation
|
CVE-2012-5786
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293373
|
- |
|
apache
|
axis2
|
Apache Axis2/Java 1.6.2 and earlier does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man…
|
CWE-20
Improper Input Validation
|
CVE-2012-5785
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293374
|
- |
|
apache
paypal
|
axis
mass_pay
transactional_information_soap
payments_pro
activemq
|
Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, do…
|
CWE-20
Improper Input Validation
|
CVE-2012-5784
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293375
|
- |
|
apache
canonical
|
httpclient
ubuntu_linux
|
Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service (FPS) merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's …
|
CWE-295
Improper Certificate Validation
|
CVE-2012-5783
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293376
|
- |
|
amazon
|
flexible_payments_service
|
Amazon Flexible Payments Service (FPS) PHP Library does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, w…
|
CWE-20
Improper Input Validation
|
CVE-2012-5782
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293377
|
- |
|
amazon
|
elastic_load_balancing
|
Amazon Elastic Load Balancing API Tools does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2012-5781
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293378
|
- |
|
amazon
|
merchant_sdk
|
The Amazon merchant SDK does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2012-5780
|
2024-11-21 10:45 |
2012-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293379
|
- |
|
justin_dodge
|
hotblocks
|
Cross-site scripting (XSS) vulnerability in the settings page (admin/settings/hotblocks) in the Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administ…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5705
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293380
|
- |
|
justin_dodge
|
hotblocks
|
The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the "administer hotblocks" permission to cause a denial of service (infinite loop and time out) via a blo…
|
CWE-399
Resource Management Errors
|
CVE-2012-5704
|
2024-11-21 10:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
