|
288931
|
- |
|
moinmo
|
moinmoin
|
Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary fi…
|
CWE-22
Path Traversal
|
CVE-2012-6080
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288932
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in bookmarks/js/bookmarks.js in ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 allows remote attackers to inject arbitrary web script or HTML via the PAT…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5666
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288933
|
- |
|
owncloud
|
owncloud
|
ownCloud 4.0.x before 4.0.10 and 4.5.x before 4.5.5 does not properly restrict access to settings.php, which allows remote attackers to edit app configurations of user_webdavauth and user_ldap by edi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5665
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288934
|
- |
|
steven_jones
|
context
|
The Context module 6.x-3.x before 6.x-3.1 and 7.x-3.x before 7.x-3.0-beta6 for Drupal does not properly restrict access to block content, which allows remote attackers to obtain sensitive information…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5655
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288935
|
- |
|
nodewords_project
|
nodewords
|
The Nodewords: D6 Meta Tags module before 6.x-1.14 for Drupal, when configured to automatically generate description meta tags from node text, does not properly filter node content when creating tags…
|
CWE-200
Information Exposure
|
CVE-2012-5654
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288936
|
- |
|
drupal
debian
|
drupal
debian_linux
|
The file upload feature in Drupal 6.x before 6.27 and 7.x before 7.18 allows remote authenticated users to bypass the protection mechanism and execute arbitrary PHP code via a null byte in a file nam…
|
CWE-20
Improper Input Validation
|
CVE-2012-5653
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288937
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.27 allows remote attackers to obtain sensitive information about uploaded files via a (1) RSS feed or (2) search result.
|
CWE-200
Information Exposure
|
CVE-2012-5652
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288938
|
- |
|
drupal
|
drupal
|
Drupal 6.x before 6.27 and 7.x before 7.18 displays information for blocked users, which might allow remote attackers to obtain sensitive information by reading the search results.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5651
|
2024-11-21 10:45 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288939
|
- |
|
ircd-ratbox
ratbox
|
ircd-ratbox
|
modules/m_capab.c in (1) ircd-ratbox before 3.0.8 and (2) Charybdis before 3.4.2 does not properly support capability negotiation during server handshakes, which allows remote attackers to cause a de…
|
NVD-CWE-Other
|
CVE-2012-6084
|
2024-11-21 10:45 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288940
|
- |
|
ibm
|
spss_modeler
|
IBM SPSS Modeler 14.0, 14.1, 14.2 through FP3, and 15.0 before FP2 allows remote attackers to read arbitrary files, and possibly send HTTP requests to intranet servers or cause a denial of service (C…
|
NVD-CWE-Other
|
CVE-2012-5769
|
2024-11-21 10:45 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
