|
289601
|
- |
|
videousermanuals
|
white-label-cms
|
Cross-site request forgery (CSRF) vulnerability in wlcms-plugin.php in the White Label CMS plugin before 1.5.1 for WordPress allows remote attackers to hijack the authentication of administrators for…
|
CWE-352
Origin Validation Error
|
CVE-2012-5387
|
2024-11-21 10:44 |
2012-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289602
|
- |
|
tibco
|
formvine
|
The server in TIBCO Formvine 3.1.x and 3.2.x before 3.2.1 does not properly implement access control, which allows remote attackers to obtain sensitive information or modify data via unspecified vect…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5302
|
2024-11-21 10:44 |
2012-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289603
|
- |
|
adobe
|
shockwave_player
|
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5273
|
2024-11-21 10:44 |
2012-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289604
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in the language search component in Joomla! before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5455
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289605
|
- |
|
atutor
|
acontent
|
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5454
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289606
|
- |
|
atutor
|
acontent
|
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vu…
|
CWE-89
SQL Injection
|
CVE-2012-5453
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289607
|
- |
|
intelliants
|
subrion_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5452
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289608
|
- |
|
atutor
|
acontent
|
Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5169
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289609
|
- |
|
atutor
|
acontent
|
ATutor AContent before 1.2-1 allows remote attackers to modify arbitrary user passwords or category names via a direct request to (1) user/index_inline_editor_submit.php or (2) course_category/index_…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5168
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289610
|
- |
|
atutor
|
acontent
|
Multiple SQL injection vulnerabilities in ATutor AContent before 1.2-1 allow remote attackers to execute arbitrary SQL commands via the (1) field parameter to course_category/index_inline_editor_subm…
|
CWE-89
SQL Injection
|
CVE-2012-5167
|
2024-11-21 10:44 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
