|
292451
|
- |
|
fourkitchens
|
block_class
|
Cross-site scripting (XSS) vulnerability in block_class.module in the Block Class module before 7.x-1.1 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web s…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1657
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292452
|
- |
|
wesjones
|
multisite_search
|
SQL injection vulnerability in the Multisite Search module 6.x-2.2 for Drupal allows remote authenticated users with certain permissions to execute arbitrary SQL commands via the Site table prefix fi…
|
CWE-89
SQL Injection
|
CVE-2012-1656
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292453
|
- |
|
sven_decabooter
|
uc_paydutchgroup_\/_wedeal_payment
|
Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows remote authenticated users to obtain account credentials via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1655
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292454
|
- |
|
alex_barth
|
data
|
Multiple cross-site scripting (XSS) vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1654
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292455
|
- |
|
microsoft
|
visual_studio_team_foundation_server
|
Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "X…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1892
|
2024-11-21 10:37 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292456
|
- |
|
danielb
|
cool_aid
|
Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecifie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1649
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292457
|
- |
|
danielb
|
cool_aid
|
Cross-site scripting (XSS) vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1648
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292458
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1582
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292459
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1581
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292460
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victim…
|
CWE-352
Origin Validation Error
|
CVE-2012-1580
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
