|
294981
|
- |
|
canonical
|
ubuntu_software_properties
|
The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly …
|
CWE-20
Improper Input Validation
|
CVE-2012-5356
|
2024-11-21 10:44 |
2012-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294982
|
- |
|
bryce_harrington
|
xdiagnose
|
welcome.py in xdiagnose before 2.5.2ubuntu0.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
|
CWE-59
Link Following
|
CVE-2012-5355
|
2024-11-21 10:44 |
2012-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294983
|
- |
|
mozilla
|
firefox
thunderbird
seamonkey
|
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly handle navigation away from a web page that has multiple menus of SELECT elements active, which allows …
|
NVD-CWE-Other
|
CVE-2012-5354
|
2024-11-21 10:44 |
2012-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294984
|
- |
|
eduserv
|
openathens_service_provider
|
Eduserv OpenAthens SP 2.0 for Java allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack."
|
CWE-287
Improper Authentication
|
CVE-2012-5353
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294985
|
- |
|
josso
|
java_open_single_sign-on_project_home
|
Java Open Single Sign-On Project Home (JOSSO) allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attac…
|
CWE-287
Improper Authentication
|
CVE-2012-5352
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294986
|
- |
|
apache
|
axis2
|
Apache Axis2 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack," a different vulnerability tha…
|
CWE-287
Improper Authentication
|
CVE-2012-5351
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294987
|
- |
|
wordpress
|
pay-with-tweet
|
SQL injection vulnerability in the Pay With Tweet plugin before 1.2 for WordPress allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the id parameter in …
|
CWE-89
SQL Injection
|
CVE-2012-5350
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294988
|
- |
|
wordpress
|
pay-with-tweet
|
Multiple cross-site scripting (XSS) vulnerabilities in pay.php in the Pay With Tweet plugin before 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) title, or (3…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5349
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294989
|
- |
|
wilson_steven
|
mangosweb_enhanced
|
SQL injection vulnerability in MangosWeb Enhanced 3.0.3 allows remote attackers to execute arbitrary SQL commands via the login parameter in a login action to index.php.
|
CWE-89
SQL Injection
|
CVE-2012-5348
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294990
|
- |
|
tinywebgallery
|
tinywebgallery
|
TinyWebGallery 1.8.3 allows remote attackers to execute arbitrary code via shell metacharacters in the command parameter to (1) inc/filefunctions.inc or (2) info.php.
|
NVD-CWE-noinfo
|
CVE-2012-5347
|
2024-11-21 10:44 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
