|
295871
|
- |
|
altrasoft
|
site_uptime_enterprise
|
Cross-site request forgery (CSRF) vulnerability in commonsettings.php in AlstraSoft Site Uptime Enterprise, possibly 5.4, allows remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2012-4326
|
2024-11-21 10:42 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295872
|
- |
|
utopiasoftware
|
news_pro
|
Cross-site request forgery (CSRF) vulnerability in upload/users.php in Utopia News Pro (UNP) 1.4.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that…
|
CWE-352
Origin Validation Error
|
CVE-2012-4325
|
2024-11-21 10:42 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295873
|
- |
|
phpjabbers
|
vacation_rental_script
|
Cross-site request forgery (CSRF) vulnerability in PHPJabbers Vacation Rental Script allows remote attackers to hijack the authentication of administrators for requests that add administrator account…
|
CWE-352
Origin Validation Error
|
CVE-2012-4324
|
2024-11-21 10:42 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295874
|
- |
|
netweblogic
|
login_with_ajax
|
Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4283
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295875
|
- |
|
toocharger
|
trombinoscope
|
SQL injection vulnerability in photo.php in Trombinoscope 3.5 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4282
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295876
|
- |
|
itechscripts
|
travelon_express
|
Multiple SQL injection vulnerabilities in Travelon Express 6.2.2 allow remote attackers to execute arbitrary SQL commands via the hid parameter to (1) holiday.php or (2) holiday_book.php, (3) id para…
|
CWE-89
SQL Injection
|
CVE-2012-4281
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295877
|
- |
|
rwcinc
|
free_realty
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) …
|
CWE-352
Origin Validation Error
|
CVE-2012-4280
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295878
|
- |
|
rwcinc
|
free_realty
|
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/ad…
|
CWE-89
SQL Injection
|
CVE-2012-4279
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295879
|
- |
|
rwcinc
|
free_realty
|
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4278
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295880
|
- |
|
smarty
|
smarty
|
Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/function.html_options.php in Smarty before 3.1.8 allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4277
|
2024-11-21 10:42 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
