|
292801
|
7.5 |
HIGH
Network
|
moodle
fedoraproject
redhat
|
moodle
fedora
enterprise_linux
|
Moodle before 2.2.2 has users' private files included in course backups
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2012-1156
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292802
|
7.5 |
HIGH
Network
|
moodle
fedoraproject
redhat
debian
|
moodle
fedora
enterprise_linux
debian_linux
|
Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
|
CWE-200
Information Exposure
|
CVE-2012-1155
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292803
|
7.5 |
HIGH
Network
|
pediapress
|
mwlib
|
mwlib 0.13 through 0.13.4 has a denial of service vulnerability when parsing #iferror magic functions
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2012-1109
|
2024-11-21 10:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292804
|
9.8 |
CRITICAL
Network
|
bitlbee
|
bitlbee
|
Bitlbee does not drop extra group privileges correctly in unix.c
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2012-1187
|
2024-11-21 10:36 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292805
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortios
|
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiGate UTM WAF appliances with FortiOS 4.3.x before 4.3.6 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-0941
|
2024-11-21 10:36 |
2018-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292806
|
9.8 |
CRITICAL
Network
|
umbraco
|
umbraco_cms
|
The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-1301
|
2024-11-21 10:36 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292807
|
- |
|
dflabs
|
ptk
|
Cross-site request forgery (CSRF) vulnerability in lib/logout.php in DFLabs PTK 1.0.5 and earlier allows remote attackers to hijack the authentication of administrators or investigators for requests …
|
CWE-352
Origin Validation Error
|
CVE-2012-1415
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292808
|
- |
|
amcharts
|
flash
|
Multiple cross-site scripting (XSS) vulnerabilities in amCharts Flash 1 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ampie.swf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1303
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292809
|
- |
|
ammap_project
|
ammap
|
Multiple cross-site scripting (XSS) vulnerabilities in amMap 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data_file or (2) settings_file parameter to ammap.swf, or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1302
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292810
|
- |
|
syndeocms
|
syndeocms
|
Cross-site request forgery (CSRF) vulnerability in starnet/index.php in SyndeoCMS 3.0 and earlier allows remote attackers to hijack the authentication of administrators for requests that add user acc…
|
CWE-352
Origin Validation Error
|
CVE-2012-1203
|
2024-11-21 10:36 |
2014-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
