|
289501
|
- |
|
kent-web
|
access_report
|
Cross-site scripting (XSS) vulnerability in KENT-WEB ACCESS REPORT 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors related to access-log data.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5175
|
2024-11-21 10:44 |
2012-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289502
|
- |
|
google
opensuse
|
chrome
opensuse
|
Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-5138
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289503
|
- |
|
google
opensuse
|
chrome
opensuse
|
Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Sourc…
|
CWE-416
Use After Free
|
CVE-2012-5137
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289504
|
- |
|
google
|
chrome
chrome_os
|
Heap-based buffer overflow in the WebGL subsystem in Google Chrome OS before 23.0.1271.94 allows remote attackers to cause a denial of service (GPU process crash) or possibly have unspecified other i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5129
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289505
|
- |
|
basic_webmail_project
jason_flatt
|
basic_webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in the Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) page title or…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5569
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289506
|
- |
|
chaos_tool_suite_project
|
ctools
|
Cross-site scripting (XSS) vulnerability in the page manager node view task in the Chaos tool suite (ctools) module 6.x-1.x before 6.x-1.10 for Drupal allows remote authenticated users with permissio…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5559
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289507
|
- |
|
user_read-only_project
|
user_readonly
|
The User Read-Only module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.4 for Drupal, does not properly assign roles when there are more than three roles on the site and certain unspecified configu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5557
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289508
|
- |
|
restful_web_services_project
|
restful_web_services
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the RESTful Web Services (RESTWS) module 7.x-1.x before 7.x-1.1 and 7.x-2.x before 7.x-2.0-alpha3 for Drupal allow remote attackers to hi…
|
CWE-352
Origin Validation Error
|
CVE-2012-5556
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289509
|
- |
|
coleman_watts
|
webform_civicrm
|
The default configuration for the Webform CiviCRM Integration module 7.x-3.x before 7.x-3.2 has "Enforce Permissions" disabled, which allows remote attackers to obtain contact information by reading …
|
CWE-200
Information Exposure
|
CVE-2012-5554
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289510
|
- |
|
daniel_honrade
|
om_maximenu
|
Multiple cross-site scripting (XSS) vulnerabilities in the OM Maximenu module 6.x-1.x before 6.x-1.44 and 7.x-1.x before 7.x-1.44 for Drupal allow remote authenticated users with the "administer OM M…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5553
|
2024-11-21 10:44 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
