|
290601
|
- |
|
squashfs_project
|
squashfs
|
Stack-based buffer overflow in the get_component function in unsquashfs.c in unsquashfs in Squashfs 4.2 and earlier allows remote attackers to execute arbitrary code via a crafted list file (aka a cr…
|
CWE-787
Out-of-bounds Write
|
CVE-2012-4024
|
2024-11-21 10:42 |
2012-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290602
|
- |
|
zingiri
|
zingiri_web_shop
|
Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin before 2.4.0 for WordPress have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4033
|
2024-11-21 10:42 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290603
|
- |
|
websitepanel
|
websitepanel
|
Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to De…
|
CWE-20
Improper Input Validation
|
CVE-2012-4032
|
2024-11-21 10:42 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290604
|
- |
|
wangkongbao
|
cns-1100
cns-1000
|
Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid coo…
|
CWE-22
Path Traversal
|
CVE-2012-4031
|
2024-11-21 10:42 |
2012-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290605
|
- |
|
tridium
|
niagara_ax
|
Tridium Niagara AX Framework does not properly store credential data, which allows context-dependent attackers to bypass intended access restrictions by using the stored information for authenticatio…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2012-4028
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290606
|
- |
|
tridium
|
niagara_ax
|
Directory traversal vulnerability in Tridium Niagara AX Framework allows remote attackers to read files outside of the intended images, nav, and px folders by leveraging incorrect permissions, as dem…
|
CWE-22
Path Traversal
|
CVE-2012-4027
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290607
|
- |
|
johnsoncontrols
|
pegasys_p2000_server_software
pegasys_p2000_server
|
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to trigger false alerts via crafted packets to TCP port 41013 (aka the upload port), a different vulnerabil…
|
CWE-20
Improper Input Validation
|
CVE-2012-4026
|
2024-11-21 10:42 |
2012-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290608
|
- |
|
ckeditor
|
fckeditor
|
Cross-site scripting (XSS) vulnerability in the print_textinputs_var function in editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php in FCKeditor 2.6.7 and earlier allows remo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4000
|
2024-11-21 10:42 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290609
|
- |
|
sayakbanerjee
|
sticky_notes
|
Cross-site scripting (XSS) vulnerability in admin/login.php in Sticky Notes 0.3.09062012.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the username parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3999
|
2024-11-21 10:42 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290610
|
- |
|
sayakbanerjee
|
sticky_notes
|
Multiple SQL injection vulnerabilities in Sticky Notes before 0.2.27052012.5 allow remote attackers to execute arbitrary SQL commands via the (1) paste id in admin/modules/mod_pastes.php or (2) show.…
|
CWE-89
SQL Injection
|
CVE-2012-3998
|
2024-11-21 10:42 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
