|
292391
|
- |
|
simplenews_scheduler_project
|
simplenews_scheduler
|
The Simplenews Scheduler module 6.x-2.x before 6.x-2.4 for Drupal allows remote authenticated users with the "send scheduled newsletters" permission to inject arbitrary PHP code into the scheduling f…
|
CWE-94
Code Injection
|
CVE-2012-5537
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292392
|
- |
|
flashtux
|
weechat
|
The hook_process function in the plugin API for WeeChat 0.3.0 through 0.3.9.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a command from a plugin, related to "sh…
|
CWE-20
Improper Input Validation
|
CVE-2012-5534
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292393
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and earlier allows remote attackers to hijack the authentication of admini…
|
CWE-352
Origin Validation Error
|
CVE-2012-5450
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292394
|
- |
|
orangehrm
|
orangehrm
|
Multiple SQL injection vulnerabilities in OrangeHRM 2.7.1 RC 1 allow remote authenticated administrators to execute arbitrary SQL commands via the sortField parameter to (1) viewCustomers, (2) viewPa…
|
CWE-89
SQL Injection
|
CVE-2012-5367
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292395
|
- |
|
mariadb
oracle
|
mariadb
mysql
|
Oracle MySQL 5.5.38 and earlier, 5.6.19 and earlier, and MariaDB 5.5.28a, 5.3.11, 5.2.13, 5.1.66, and possibly other versions, generates different error messages with different time delays depending …
|
CWE-200
Information Exposure
|
CVE-2012-5615
|
2024-11-21 10:44 |
2012-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292396
|
- |
|
oracle
mariadb
redhat
|
mysql
mariadb
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_eus
|
Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (mysqld crash) via a SELECT com…
|
NVD-CWE-noinfo
|
CVE-2012-5614
|
2024-11-21 10:44 |
2012-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292397
|
- |
|
mariadb
oracle
|
mariadb
mysql
|
Stack-based buffer overflow in the acl_get function in Oracle MySQL 5.5.19 and other versions through 5.5.28, and 5.1.53 and other versions through 5.1.66, and MariaDB 5.5.2.x before 5.5.28a, 5.3.x b…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5611
|
2024-11-21 10:44 |
2012-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292398
|
- |
|
mariadb
oracle
|
mariadb
mysql
|
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows …
|
CWE-16
Configuration
|
CVE-2012-5613
|
2024-11-21 10:44 |
2012-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292399
|
- |
|
mariadb
oracle
suse
canonical
|
mariadb
mysql
linux_enterprise_desktop
linux_enterprise_server
linux_enterprise_software_development_kit
ubuntu_linux
|
Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service (m…
|
CWE-787
Out-of-bounds Write
|
CVE-2012-5612
|
2024-11-21 10:44 |
2012-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292400
|
- |
|
apache
opensuse
|
tomcat
opensuse
|
Apache Tomcat through 7.0.x allows remote attackers to cause a denial of service (daemon outage) via partial HTTP requests, as demonstrated by Slowloris.
|
NVD-CWE-noinfo
|
CVE-2012-5568
|
2024-11-21 10:44 |
2012-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
