|
288821
|
- |
|
efrontlearning
|
efront
|
eFront 3.6.10, 3.6.11 build 15059, and earlier allows remote attackers to obtain sensitive information via invalid courses_ID parameter in the lesson_info module to index.php, which reveals the insta…
|
CWE-200
Information Exposure
|
CVE-2012-6515
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288822
|
- |
|
netshinesoftware
|
com_netinvoice
|
Cross-site scripting (XSS) vulnerability in the nBill (com_nbill) component 2.3.2 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the message parameter in an income act…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6514
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288823
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site scripting (XSS) vulnerability in index.php/Admin_Preferences in gpEasy CMS 2.3.3 allows remote attackers to inject arbitrary web script or HTML via the jsoncallback parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6513
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288824
|
- |
|
organizer_project
|
organizer
|
The Organizer plugin 1.2.1 for WordPress allows remote attackers to obtain the installation path via unspecified vectors to (1) plugin_hook.php, (2) page/index.php, (3) page/dir.php (4) page/options.…
|
CWE-200
Information Exposure
|
CVE-2012-6512
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288825
|
- |
|
organizer_project
|
organizer
|
Multiple cross-site scripting (XSS) vulnerabilities in organizer/page/users.php in the Organizer plugin 1.2.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) d…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6511
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288826
|
- |
|
netartmedia
|
car_portal
|
Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) PWRS or (2) Description field when posting…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6510
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288827
|
- |
|
netartmedia
|
car_portal
|
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.
|
NVD-CWE-Other
|
CVE-2012-6509
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288828
|
- |
|
netartmedia
|
car_portal
|
Multiple cross-site request forgery (CSRF) vulnerabilities in NetArt Media Car Portal 3.0 allow remote attackers to hijack the authentication of administrators for requests that (1) change arbitrary …
|
CWE-352
Origin Validation Error
|
CVE-2012-6508
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288829
|
- |
|
jason_sexauer
|
churchcms
|
Multiple SQL injection vulnerabilities in admin.php in ChurchCMS 0.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) uname or (2) pass parameters in a login action.
|
CWE-89
SQL Injection
|
CVE-2012-6507
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288830
|
- |
|
zingiri
|
zingiri_web_shop
|
Multiple cross-site scripting (XSS) vulnerabilities in the Zingiri Web Shop plugin 2.4.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter in zing…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6506
|
2024-11-21 10:46 |
2013-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
