|
293071
|
- |
|
rabidhamster
|
r2\/extreme
|
RabidHamster R2/Extreme 1.65 and earlier uses a small search space of values for the PIN number, which allows remote attackers to obtain the PIN number via a brute force attack.
|
CWE-200
Information Exposure
|
CVE-2012-1223
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293072
|
- |
|
rabidhamster
|
r2\/extreme
|
Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1222
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293073
|
- |
|
rabidhamster
|
r2\/extreme
r2\/
|
Directory traversal vulnerability in the telnet server in RabidHamster R2/Extreme 1.65 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the File command.
|
CWE-22
Path Traversal
|
CVE-2012-1221
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293074
|
- |
|
devincentiis
|
gazie
|
Cross-site request forgery (CSRF) vulnerability in modules/config/admin_utente.php in GAzie 5.20 and earlier allows remote attackers to hijack the authentication of administrators for requests that c…
|
CWE-352
Origin Validation Error
|
CVE-2012-1220
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293075
|
- |
|
freelancerkit
|
freelancerkit
|
Multiple cross-site scripting (XSS) vulnerabilities in freelancerKit 2.35 allow remote attackers to inject arbitrary web script or HTML via the (1) ticket parameter to tickets.php, (2) title paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1219
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293076
|
- |
|
freelancerkit
|
freelancerkit
|
Multiple SQL injection vulnerabilities in freelancerKit 2.35 allow remote attackers to execute arbitrary SQL commands via unspecified vectors to the (1) notes and (2) tickets components.
|
CWE-89
SQL Injection
|
CVE-2012-1218
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293077
|
- |
|
zenphoto
|
zenphoto
|
Multiple cross-site scripting (XSS) vulnerabilities in ZENphoto 1.4.2 allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in an external action to zp-core/admin.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0995
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293078
|
- |
|
zenphoto
|
zenphoto
|
SQL injection vulnerability in the Manage Albums feature in zp-core/admin-albumsort.php in ZENphoto 1.4.2 allows remote authenticated users to execute arbitrary SQL commands via the sortableList para…
|
CWE-89
SQL Injection
|
CVE-2012-0994
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293079
|
- |
|
zenphoto
|
zenphoto
|
Eval injection vulnerability in zp-core/zp-extensions/viewer_size_image.php in ZENphoto 1.4.2, when the viewer_size_image plugin is enabled, allows remote attackers to execute arbitrary PHP code via …
|
CWE-94
Code Injection
|
CVE-2012-0993
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293080
|
- |
|
simhl
|
sths_v2_web_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in STHS v2 Web Portal 2.2 allow remote attackers to inject arbitrary web script or HTML via the team parameter to (1) prospects.php, (2) prospect.p…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1217
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
