|
291381
|
- |
|
cups-pk-helper_project
|
cups-pk-helper
|
cups-pk-helper before 0.2.3 does not properly wrap the (1) cupsGetFile and (2) cupsPutFile function calls, which allows user-assisted remote attackers to read or overwrite sensitive files using CUPS …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4510
|
2024-11-21 10:43 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291382
|
- |
|
matomo
|
matomo
|
Cross-site scripting (XSS) vulnerability in Piwik before 1.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4541
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291383
|
- |
|
viewvc
debian
|
viewvc
debian_linux
|
Cross-site scripting (XSS) vulnerability in the "extra" details in the DiffSource._get_row function in lib/viewvc.py in ViewVC 1.0.x before 1.0.13 and 1.1.x before 1.1.16 allows remote authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4533
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291384
|
- |
|
steve_j_baker
|
plib
|
Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4552
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291385
|
- |
|
djangoproject
|
django
|
The django.http.HttpRequest.get_host function in Django 1.3.x before 1.3.4 and 1.4.x before 1.4.2 allows remote attackers to generate and display arbitrary URLs via crafted username and password Host…
|
CWE-20
Improper Input Validation
|
CVE-2012-4520
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291386
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the Keyword Search page in the web interface in Pattern Insight 2.3 allows remote attackers to inject arbitrary web script or HTML via crafted characters t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4950
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291387
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 store database credentials in cleartext, which allows remote attackers to obtain sensitive information via requests to unspecified pages.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4947
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291388
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4946
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291389
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue.
|
CWE-20
Improper Input Validation
|
CVE-2012-4945
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291390
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified …
|
NVD-CWE-Other
|
CVE-2012-4944
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
