|
288861
|
- |
|
centrify
|
centrify_deployment_manager
centrify_suite
|
Centrify Deployment Manager 2.1.0.283, as distributed in Centrify Suite before 2012.5, allows local users to (1) overwrite arbitrary files via a symlink attack on the adcheckDMoutput temporary file, …
|
CWE-59
Link Following
|
CVE-2012-6348
|
2024-11-21 10:46 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288862
|
- |
|
twiki
foswiki
|
twiki
foswiki
|
The localization functionality in TWiki before 5.1.3, and Foswiki 1.0.x through 1.0.10 and 1.1.x through 1.1.6, allows remote attackers to cause a denial of service (memory consumption) via a large i…
|
CWE-189
Numeric Errors
|
CVE-2012-6330
|
2024-11-21 10:46 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288863
|
- |
|
perl
|
perl
|
The _compile function in Maketext.pm in the Locale::Maketext implementation in Perl before 5.17.7 does not properly handle backslashes and fully qualified method names during compilation of bracket n…
|
CWE-94
Code Injection
|
CVE-2012-6329
|
2024-11-21 10:46 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288864
|
- |
|
rubyonrails
|
rails
|
The Authlogic gem for Ruby on Rails, when used with certain versions before 3.2.10, makes potentially unsafe find_by_id method calls, which might allow remote attackers to conduct CVE-2012-6496 SQL i…
|
CWE-89
SQL Injection
|
CVE-2012-6497
|
2024-11-21 10:46 |
2013-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288865
|
- |
|
rubyonrails
|
rails
ruby_on_rails
|
SQL injection vulnerability in the Active Record component in Ruby on Rails before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a …
|
CWE-89
SQL Injection
|
CVE-2012-6496
|
2024-11-21 10:46 |
2013-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288866
|
- |
|
e107
|
e107
|
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL…
|
CWE-352
Origin Validation Error
|
CVE-2012-6434
|
2024-11-21 10:46 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288867
|
- |
|
e107
|
e107
|
Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks v…
|
CWE-352
Origin Validation Error
|
CVE-2012-6433
|
2024-11-21 10:46 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288868
|
- |
|
moinmo
|
moinmoin
|
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users w…
|
CWE-22
Path Traversal
|
CVE-2012-6495
|
2024-11-21 10:46 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288869
|
- |
|
opera
|
opera_browser
|
Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configurati…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6472
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288870
|
- |
|
opera
|
opera_browser
|
Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests.
|
NVD-CWE-Other
|
CVE-2012-6471
|
2024-11-21 10:46 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
