|
291651
|
- |
|
siemens
|
wincc
|
The XPath functionality in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 does not properly handle special characters in parameters, which allows remote authenticated users to …
|
CWE-94
Code Injection
|
CVE-2012-2596
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291652
|
- |
|
siemens
|
wincc
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified web applications in Siemens WinCC 7.0 SP3 before Update 2 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2595
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291653
|
- |
|
collabnet
|
scrumworks
|
The server in CollabNet ScrumWorks Pro before 6.0 allows remote authenticated users to gain privileges and obtain sensitive information via a modified desktop client.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2603
|
2024-11-21 10:39 |
2012-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291654
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in include/functions_trackbacks.inc.php in Serendipity 1.6.2 allows remote attackers to execute arbitrary SQL commands via the url parameter to comment.php.
|
CWE-89
SQL Injection
|
CVE-2012-2762
|
2024-11-21 10:39 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291655
|
- |
|
sensiolabs
|
symfony
|
Session fixation vulnerability in lib/user/sfBasicSecurityUser.class.php in SensioLabs Symfony before 1.4.18 allows remote attackers to hijack web sessions via vectors related to the regenerate metho…
|
NVD-CWE-Other
|
CVE-2012-2667
|
2024-11-21 10:39 |
2012-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291656
|
- |
|
bandainamcogames
|
madomagi-ip_android
|
The Puella Magi Madoka Magica iP application 1.05 and earlier for Android places cleartext Twitter credentials in a log file, which allows remote attackers to obtain sensitive information via a craft…
|
CWE-255
Credentials Management
|
CVE-2012-2630
|
2024-11-21 10:39 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291657
|
- |
|
networkupstools
|
nut
|
Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2944
|
2024-11-21 10:39 |
2012-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291658
|
- |
|
vmware
|
vma
|
Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
|
NVD-CWE-Other
|
CVE-2012-2752
|
2024-11-21 10:39 |
2012-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291659
|
- |
|
cisco
|
ios_xr
asr_9000_rsp440_router
crs_performance_route_processor
|
Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94…
|
CWE-20
Improper Input Validation
|
CVE-2012-2488
|
2024-11-21 10:39 |
2012-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291660
|
- |
|
captcha
|
cryptographp
|
CRLF injection vulnerability in cryptographp.inc.php in Cryptographp allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the cfg parameter.
|
NVD-CWE-Other
|
CVE-2012-2943
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
