|
289731
|
- |
|
kernel
|
util-linux
|
(a) mount and (b) umount in util-linux 2.14.1, 2.17.2, and probably other versions allow local users to determine the existence of restricted directories by (1) using the --guess-fstype command-line …
|
CWE-200
Information Exposure
|
CVE-2013-0157
|
2024-11-21 10:46 |
2014-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289732
|
- |
|
wordpress
|
wordpress
|
wp-admin/includes/class-wp-posts-list-table.php in WordPress before 3.3.3 does not properly restrict excerpt-view access, which allows remote authenticated users to obtain sensitive information by vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6635
|
2024-11-21 10:46 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289733
|
- |
|
wordpress
|
wordpress
|
wp-admin/media-upload.php in WordPress before 3.3.3 allows remote attackers to obtain sensitive information or bypass intended media-attachment restrictions via a post_id value.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6634
|
2024-11-21 10:46 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289734
|
- |
|
wordpress
|
wordpress
|
Cross-site scripting (XSS) vulnerability in wp-includes/default-filters.php in WordPress before 3.3.3 allows remote attackers to inject arbitrary web script or HTML via an editable slug field.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6633
|
2024-11-21 10:46 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289735
|
- |
|
vessio
|
netbill
|
Multiple cross-site scripting (XSS) vulnerabilities in Vessio NetBill 1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) file title to accounts/admin/index…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6632
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289736
|
- |
|
vessio
|
netbill
|
Cross-site request forgery (CSRF) vulnerability in accounts/admin/index.php in Vessio NetBill 1.2 allows remote attackers to hijack the authentication of administrators for requests that add accounts…
|
CWE-352
Origin Validation Error
|
CVE-2012-6631
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289737
|
- |
|
rick_mead
|
media_library_categories
|
Multiple cross-site scripting (XSS) vulnerabilities in the Media Library Categories plugin 1.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) bulk parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6630
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289738
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allow remote attackers to hijack the authentication of administrators for r…
|
CWE-352
Origin Validation Error
|
CVE-2012-6629
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289739
|
- |
|
xyzscripts
|
newsletter_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Newsletter Manager plugin before 1.0.2 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) xyz_em_campNa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6628
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
289740
|
- |
|
xyzscripts
|
newsletter_manager
|
Cross-site scripting (XSS) vulnerability in admin/test_mail.php in the Newsletter Manager plugin 1.0.2 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2012-6627
|
2024-11-21 10:46 |
2014-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
