|
291871
|
- |
|
artiphp
|
artiphp_cms
|
Artiphp CMS 5.5.0 Neo (r422) stores database backups with predictable names under the web root with insufficient access control, which allows remote attackers to obtain sensitive information via a di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2905
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291872
|
- |
|
longtailvideo
|
jw_player
|
player.swf in LongTail JW Player 5.9 allows remote attackers to conduct cross-site scripting (XSS) attacks to inject arbitrary web script or HTML via multiple "javascript:" sequences in the debug par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2904
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291873
|
- |
|
chatelao
|
php_address_book
|
Multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to group.php, or the (2) ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2903
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291874
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows rem…
|
NVD-CWE-Other
|
CVE-2012-2902
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291875
|
- |
|
ryan_demmer
|
joomla_content_editor
|
Cross-site scripting (XSS) vulnerability in the Profile List in the Joomla Content Editor (JCE) component before 2.1 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2901
|
2024-11-21 10:39 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291876
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2411
|
2024-11-21 10:39 |
2012-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291877
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, does not properly parse ASMRuleBook data in RealMedia files, which allows remote attackers to execute arbitrary code via…
|
NVD-CWE-Other
|
CVE-2012-2406
|
2024-11-21 10:39 |
2012-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291878
|
- |
|
sap
|
netweaver
|
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon cras…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2612
|
2024-11-21 10:39 |
2012-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291879
|
- |
|
sap
|
netweaver
|
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace config…
|
CWE-20
Improper Input Validation
|
CVE-2012-2611
|
2024-11-21 10:39 |
2012-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291880
|
- |
|
sap
|
netweaver
|
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2514
|
2024-11-21 10:39 |
2012-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
