|
289611
|
8.8 |
HIGH
Network
|
letodms_project
|
letodms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-4568
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289612
|
6.1 |
MEDIUM
Network
|
letodms_project
|
letodms
|
Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.Cl…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4567
|
2024-11-21 10:43 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289613
|
6.5 |
MEDIUM
Network
|
cisco
|
ios
|
Cisco IOS before 15.2(4)S6 does not initialize an unspecified variable, which might allow remote authenticated users to cause a denial of service (CPU consumption, watchdog timeout, crash) by walking…
|
CWE-399
Resource Management Errors
|
CVE-2012-5030
|
2024-11-21 10:43 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289614
|
8.1 |
HIGH
Adjacent
|
cisco
|
adaptive_security_appliance_software
|
ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Applia…
|
CWE-254
7PK - Security Features
|
CVE-2012-5010
|
2024-11-21 10:43 |
2017-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289615
|
- |
|
n-tron
|
702w_industrial_wireless_access_point
|
N-Tron 702-W Industrial Wireless Access Point devices use the same (1) SSH and (2) HTTPS private keys across different customers' installations, which makes it easier for remote attackers to defeat c…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4716
|
2024-11-21 10:43 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289616
|
- |
|
template_cms_project
|
template_cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Template CMS 2.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create an admi…
|
CWE-352
Origin Validation Error
|
CVE-2012-4902
|
2024-11-21 10:43 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289617
|
- |
|
template_cms_project
|
template_cms
|
Cross-site scripting (XSS) vulnerability in Template CMS 2.1.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the themes_editor parameter in an add_template action to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4901
|
2024-11-21 10:43 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289618
|
- |
|
mikejolley
|
download_monitor
|
Cross-site scripting (XSS) vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the d…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4768
|
2024-11-21 10:43 |
2014-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289619
|
- |
|
xnview
|
xnview
|
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image fi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4988
|
2024-11-21 10:43 |
2014-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289620
|
- |
|
corel
|
quattro_pro_x6
|
The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NU…
|
NVD-CWE-Other
|
CVE-2012-4728
|
2024-11-21 10:43 |
2014-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
