|
288791
|
- |
|
zpanelcp
|
zpanel
|
SQL injection vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to execute arbitrary SQL commands via the inEmailAddress parameter in an UpdateClient action in the manage_clients mod…
|
CWE-89
SQL Injection
|
CVE-2012-5685
|
2024-11-21 10:45 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288792
|
- |
|
zpanelcp
|
zpanel
|
Cross-site scripting (XSS) vulnerability in ZPanel 10.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the inFullname parameter in an UpdateAccountSettings action in…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5684
|
2024-11-21 10:45 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288793
|
- |
|
zpanelcp
|
zpanel
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create new FTP user…
|
CWE-352
Origin Validation Error
|
CVE-2012-5683
|
2024-11-21 10:45 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288794
|
- |
|
ingy
|
spoon
|
Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly…
|
CWE-94
Code Injection
|
CVE-2012-6143
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288795
|
- |
|
jochen_wiedmann
|
html\
|
Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not p…
|
CWE-94
Code Injection
|
CVE-2012-6142
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288796
|
- |
|
stephen_adkins
|
app\
|
The App::Context module 0.01 through 0.968 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request to (1) App::Sessio…
|
CWE-94
Code Injection
|
CVE-2012-6141
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288797
|
- |
|
nero
|
mediahome
|
Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
|
NVD-CWE-Other
|
CVE-2012-5877
|
2024-11-21 10:45 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288798
|
- |
|
nero
|
mediahome
|
Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service (crash) via a long string in the (1) request line or (…
|
CWE-189
Numeric Errors
|
CVE-2012-5876
|
2024-11-21 10:45 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288799
|
- |
|
paul_mattes
|
x3270
|
x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-310
Cryptographic Issues
|
CVE-2012-5662
|
2024-11-21 10:45 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288800
|
- |
|
apache
|
couchdb
|
Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.
|
CWE-94
Code Injection
|
CVE-2012-5649
|
2024-11-21 10:45 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
