|
289851
|
- |
|
lighttpd
|
lighttpd
|
The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token…
|
CWE-399
Resource Management Errors
|
CVE-2012-5533
|
2024-11-21 10:44 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289852
|
- |
|
bigace
|
bigace
|
Session fixation vulnerability in BIGACE before 2.7.8 allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2012-5173
|
2024-11-21 10:44 |
2012-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289853
|
- |
|
andy_armstrong
|
cgi.pm
|
CGI.pm module before 3.63 for Perl does not properly escape newlines in (1) Set-Cookie or (2) P3P headers, which might allow remote attackers to inject arbitrary headers into responses from applicati…
|
CWE-16
Configuration
|
CVE-2012-5526
|
2024-11-21 10:44 |
2012-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289854
|
- |
|
moodle
|
moodle
|
Moodle 2.3.x before 2.3.3 allows remote authenticated users to bypass the moodle/role:manage capability requirement and read all capability data by visiting the Check Permissions page.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5481
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289855
|
- |
|
moodle
|
moodle
|
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote attackers to bypass intended restrictions on reading other participants' entries vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5480
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289856
|
- |
|
moodle
|
moodle
|
The Portfolio plugin in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to upload and execute files via a modified Portfolio API callback.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5479
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289857
|
- |
|
moodle
|
moodle
|
The Database activity module in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to read activity entries of a different group's users via an ad…
|
CWE-200
Information Exposure
|
CVE-2012-5473
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289858
|
- |
|
moodle
|
moodle
|
lib/formslib.php in Moodle 2.2.x before 2.2.6 and 2.3.x before 2.3.3 allows remote authenticated users to bypass intended access restrictions via a modified value of a frozen form field.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5472
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289859
|
- |
|
moodle
|
moodle
|
The Dropbox Repository File Picker in Moodle 2.1.x before 2.1.9, 2.2.x before 2.2.6, and 2.3.x before 2.3.3 allows remote authenticated users to access the Dropbox of a different user by leveraging a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5471
|
2024-11-21 10:44 |
2012-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289860
|
- |
|
firebirdsql
|
firebird
|
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL …
|
CWE-399
Resource Management Errors
|
CVE-2012-5529
|
2024-11-21 10:44 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
