|
292661
|
- |
|
siemens
|
simatic_s7-1200_firmware
simatic_s7-1200_cpu_1211c_firmware
simatic_s7-1200_cpu_1212c_firmware
simatic_s7-1200_cpu_1212fc_firmware
simatic_s7-1200_cpu_1214_fc_firmware
simatic_s7-1200_…
|
The Siemens SIMATIC S7-1200 2.x PLC does not properly protect the private key of the SIMATIC CONTROLLER Certification Authority certificate, which allows remote attackers to spoof the S7-1200 web ser…
|
CWE-295
Improper Certificate Validation
|
CVE-2012-3037
|
2024-11-21 10:40 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292662
|
- |
|
fultek
|
wintr_scada
|
Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.
|
CWE-22
Path Traversal
|
CVE-2012-3011
|
2024-11-21 10:40 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292663
|
- |
|
apache
|
cxf
|
Apache CXF before 2.4.9, 2.5.x before 2.5.5, and 2.6.x before 2.6.2 allows remote attackers to execute unintended web-service operations by sending a header with a SOAP Action String that is inconsis…
|
CWE-20
Improper Input Validation
|
CVE-2012-3451
|
2024-11-21 10:40 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292664
|
- |
|
oracle
|
database_server
primavera_p6_enterprise_project_portfolio_management
|
The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, wh…
|
CWE-287
Improper Authentication
|
CVE-2012-3137
|
2024-11-21 10:40 |
2012-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292665
|
- |
|
apache
|
wicket
|
Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.21 and 1.5.x before 1.5.8 allows remote attackers to inject arbitrary web script or HTML via vectors involving a %00 sequenc…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3373
|
2024-11-21 10:40 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292666
|
- |
|
oscommerce
paypal
|
online_merchant
website_payments_standard_module
|
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant'…
|
NVD-CWE-Other
|
CVE-2012-2991
|
2024-11-21 10:40 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292667
|
- |
|
hp
|
operations_orchestration
|
Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-3258
|
2024-11-21 10:40 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292668
|
- |
|
siemens
|
simatic_pcs7
wincc
|
WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to discover a username and password via crafted parameters to unspecified method…
|
CWE-200
Information Exposure
|
CVE-2012-3034
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292669
|
- |
|
siemens
|
simatic_pcs7
wincc
|
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted S…
|
CWE-89
SQL Injection
|
CVE-2012-3032
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292670
|
- |
|
siemens
|
simatic_pcs7
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allow remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3031
|
2024-11-21 10:40 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
