|
290871
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capt…
|
CWE-310
Cryptographic Issues
|
CVE-2012-5936
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290872
|
- |
|
ibm
|
sterling_b2b_integrator
sterling_file_gateway
|
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors …
|
CWE-89
SQL Injection
|
CVE-2012-5766
|
2024-11-21 10:45 |
2013-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290873
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the function menu API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6148
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290874
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the tree render API (TCA-Tree) in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated bac…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6147
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290875
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6145
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290876
|
- |
|
typo3
|
typo3
|
SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to execute arbitrary SQL …
|
CWE-89
SQL Injection
|
CVE-2012-6144
|
2024-11-21 10:45 |
2013-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290877
|
- |
|
redhat
|
enterprise_linux_long_life
enterprise_linux
enterprise_linux_server_eus
enterprise_linux_eus
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_server
enterpri…
|
rhn-migrate-classic-to-rhsm tool in Red Hat subscription-manager does not verify the Red Hat Network Classic server's X.509 certificate when migrating to a Certificate-based Red Hat Network, which al…
|
CWE-255
Credentials Management
|
CVE-2012-6137
|
2024-11-21 10:45 |
2013-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290878
|
- |
|
zend
|
zend_framework
|
The (1) Zend_Feed_Rss and (2) Zend_Feed_Atom classes in Zend_Feed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests t…
|
CWE-200
Information Exposure
|
CVE-2012-5657
|
2024-11-21 10:45 |
2013-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290879
|
- |
|
ibm
|
spss_samplepower
|
Buffer overflow in the vsflex7l ActiveX control in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5947
|
2024-11-21 10:45 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290880
|
- |
|
ibm
|
spss_samplepower
|
Buffer overflow in the c1sizer ActiveX control in C1sizer.ocx in IBM SPSS SamplePower 3.0 before FP1 allows remote attackers to execute arbitrary code via a long TabCaption string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5946
|
2024-11-21 10:45 |
2013-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
