|
288961
|
- |
|
zpanelcp
|
zpanel
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ZPanel 10.0.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create new FTP user…
|
CWE-352
Origin Validation Error
|
CVE-2012-5683
|
2024-11-21 10:45 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288962
|
- |
|
ingy
|
spoon
|
Spoon::Cookie in the Spoon module 0.24 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly…
|
CWE-94
Code Injection
|
CVE-2012-6143
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288963
|
- |
|
jochen_wiedmann
|
html\
|
Session::Cookie in the HTML::EP module 0.2011 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request, which is not p…
|
CWE-94
Code Injection
|
CVE-2012-6142
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288964
|
- |
|
stephen_adkins
|
app\
|
The App::Context module 0.01 through 0.968 for Perl does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via a crafted request to (1) App::Sessio…
|
CWE-94
Code Injection
|
CVE-2012-6141
|
2024-11-21 10:45 |
2014-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288965
|
- |
|
nero
|
mediahome
|
Nero MediaHome 4.5.8.0 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an HTTP header without a name.
|
NVD-CWE-Other
|
CVE-2012-5877
|
2024-11-21 10:45 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288966
|
- |
|
nero
|
mediahome
|
Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service (crash) via a long string in the (1) request line or (…
|
CWE-189
Numeric Errors
|
CVE-2012-5876
|
2024-11-21 10:45 |
2014-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288967
|
- |
|
paul_mattes
|
x3270
|
x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-310
Cryptographic Issues
|
CVE-2012-5662
|
2024-11-21 10:45 |
2014-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288968
|
- |
|
apache
|
couchdb
|
Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers to execute arbitrary code via a JSONP callback, related to Adobe Flash.
|
CWE-94
Code Injection
|
CVE-2012-5649
|
2024-11-21 10:45 |
2014-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288969
|
- |
|
typo3
|
typo3
|
The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6146
|
2024-11-21 10:45 |
2014-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
288970
|
- |
|
cisco
|
ios_xe
asr_1001
asr_1002
asr_1002-x
asr_1002_fixed_router
asr_1004
asr_1006
asr_1013
asr_1023_router
|
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP pack…
|
CWE-20
Improper Input Validation
|
CVE-2012-5723
|
2024-11-21 10:45 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
