|
290951
|
- |
|
babygekko
|
baby_gekko
|
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
|
CWE-200
Information Exposure
|
CVE-2012-3838
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290952
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3837
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290953
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3836
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290954
|
- |
|
alienvault
|
open_source_security_information_management
|
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3835
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290955
|
- |
|
alienvault
|
open_source_security_information_management
|
SQL injection vulnerability in forensics/base_qry_main.php in AlienVault Open Source Security Information Management (OSSIM) 3.1 allows remote authenticated users to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2012-3834
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290956
|
- |
|
opensolution
|
quick.cms
|
Cross-site scripting (XSS) vulnerability in the default index page in admin/ in Quick.CMS 4.0 allows remote attackers to inject arbitrary web script or HTML via the p parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3833
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290957
|
- |
|
milesj
|
decoda
|
Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3832
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290958
|
- |
|
milesj
|
decoda
|
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3831
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290959
|
- |
|
milesj
|
decoda
|
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via the video directive.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3830
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290960
|
- |
|
joomla
|
joomla\!
|
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
|
CWE-200
Information Exposure
|
CVE-2012-3829
|
2024-11-21 10:41 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
