|
296231
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 does not properly check for stale nonce values in conjunction with …
|
CWE-287
Improper Authentication
|
CVE-2012-5887
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296232
|
- |
|
apache
|
tomcat
|
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 caches information about the authenticated user within the session …
|
CWE-287
Improper Authentication
|
CVE-2012-5886
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296233
|
- |
|
apache
|
tomcat
|
The replay-countermeasure functionality in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.36, 6.x before 6.0.36, and 7.x before 7.0.30 tracks cnonce (aka clien…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5885
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296234
|
- |
|
uk-cookie_project
|
uk-cookie
|
Cross-site scripting (XSS) vulnerability in the Uk Cookie (aka uk-cookie) plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5856
|
2024-11-21 10:45 |
2012-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296235
|
- |
|
mozilla
|
bugzilla
|
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSO…
|
CWE-200
Information Exposure
|
CVE-2012-5884
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296236
|
- |
|
mozilla
yahoo
|
bugzilla
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.9.0, as used in Bugzilla 3.7.x and 4.0.x before 4.0.9, 4.1.x and 4.2.x before 4.2.4, and 4.3.x an…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5883
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296237
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploade…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5882
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296238
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to charts.…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5881
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296239
|
- |
|
phome
|
empirecms
|
Eval injection vulnerability in the ReplaceListVars function in the template parser in e/class/connect.php in EmpireCMS 6.6 allows user-assisted remote attackers to execute arbitrary PHP code via a c…
|
CWE-94
Code Injection
|
CVE-2012-5777
|
2024-11-21 10:45 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296240
|
- |
|
google
apple
|
chrome
webkit
safari
|
html/parser/XSSAuditor.cpp in WebCore in WebKit, as used in Google Chrome through 22 and Safari 5.1.7, does not consider all possible output contexts of reflected data, which makes it easier for remo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5851
|
2024-11-21 10:45 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
