|
292431
|
- |
|
juan_ramon
|
osclass
|
Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter. NOTE: this vulnerability …
|
CWE-22
Path Traversal
|
CVE-2012-1617
|
2024-11-21 10:37 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292432
|
- |
|
drupal
|
faq
|
Multiple cross-site scripting (XSS) vulnerabilities in the FAQ module 6.x-1.x before 6.x-1.13 and 7.x-1.x-rc1 for Drupal allow remote authenticated users to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1646
|
2024-11-21 10:37 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292433
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properl…
|
CWE-399
Resource Management Errors
|
CVE-2012-1529
|
2024-11-21 10:37 |
2012-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292434
|
- |
|
databasepublish
|
admin\
|
Cross-site request forgery (CSRF) vulnerability in the Admin:hover module for Drupal allows remote attackers to hijack the authentication of administrators for requests that unpublish all nodes, and …
|
CWE-352
Origin Validation Error
|
CVE-2012-1631
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292435
|
- |
|
nestor_mata_cuthbert
|
taxonomy_navigator
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Navigator module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1630
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292436
|
- |
|
dmitry_loac
|
taxotouch
|
Cross-site scripting (XSS) vulnerability in the Taxotouch module for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1629
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292437
|
- |
|
63reasons
|
supercron
|
Cross-site scripting (XSS) vulnerability in the SuperCron module for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1628
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292438
|
- |
|
karen_stevenson
|
date
|
SQL injection vulnerability in the conversion form for Events in the Date module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the "administer Date Tools" privilege to exec…
|
CWE-89
SQL Injection
|
CVE-2012-1626
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292439
|
- |
|
wizonesolutions
|
fillpdf
|
Eval injection vulnerability in the fillpdf_form_export_decode function in fillpdf.admin.inc in the Fill PDF module 6.x-1.x before 6.x-1.16 and 7.x-1.x before 7.x-1.2 for Drupal allows remote authent…
|
CWE-94
Code Injection
|
CVE-2012-1625
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292440
|
- |
|
erikwebb
|
password_policy
|
Cross-site request forgery (CSRF) vulnerability in the Password Policy module before 6.x-1.4 and 7.x-1.0 beta3 for Drupal allows remote attackers to hijack the authentication of administrative users …
|
CWE-352
Origin Validation Error
|
CVE-2012-1633
|
2024-11-21 10:37 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
