|
290821
|
- |
|
idevspot
|
isupport
|
Cross-site request forgery (CSRF) vulnerability in admin/function.php in IDevSpot iSupport 1.x allows remote attackers to hijack the authentication of administrators for requests that add administrat…
|
CWE-352
Origin Validation Error
|
CVE-2012-5326
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290822
|
- |
|
cartpauj
|
shortcode-redirect
|
Multiple cross-site scripting (XSS) vulnerabilities in the scr_do_redirect function in scr.php in the Shortcode Redirect plugin 1.0.01 and earlier for WordPress allow remote authenticated users with …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5325
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290823
|
- |
|
tracker-software
|
pdf-xchange
|
Multiple buffer overflows in the Pdf Printer Preferences ActiveX Control in pdfxctrl.dll in Tracker Software PDF-XChange 3.60.0128 allow remote attackers to execute arbitrary code via a long string i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5324
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290824
|
- |
|
xavi
|
x7968
|
Cross-site request forgery (CSRF) vulnerability in webconfig/admin_passwd/passwd.html/admin_passwd in Xavi X7968 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2012-5323
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290825
|
- |
|
xavi
|
x7968
|
Multiple cross-site scripting (XSS) vulnerabilities in Xavi X7968 allow remote attackers to inject arbitrary web script or HTML via the (1) pvcName parameter to webconfig/wan/confirm.html/confirm or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5322
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290826
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
tiki-featured_link.php in TikiWiki CMS/Groupware 8.3 allows remote attackers to load arbitrary web site pages into frames and conduct phishing attacks via the url parameter, aka "frame injection."
|
CWE-20
Improper Input Validation
|
CVE-2012-5321
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290827
|
- |
|
sagem
|
f\@st_2604_firmware
f\@st_2604
|
Cross-site request forgery (CSRF) vulnerability in password.cgi in Sagem F@ST 2604 253180972B allows remote attackers to hijack the authentication of administrators for requests that change the admin…
|
CWE-352
Origin Validation Error
|
CVE-2012-5320
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290828
|
- |
|
dlink
|
dcs-900
dcs-2000
dcs-5300
|
Cross-site request forgery (CSRF) vulnerability in setup/security.cgi in D-Link DCS-900, DCS-2000, and DCS-5300 allows remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2012-5319
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290829
|
- |
|
kishore_asokan
|
kish_guest_posting_plugin
|
Unrestricted file upload vulnerability in uploadify/scripts/uploadify.php in the Kish Guest Posting plugin 1.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with…
|
NVD-CWE-Other
|
CVE-2012-5318
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290830
|
- |
|
bigware
|
bigware_shop
|
SQL injection vulnerability in main_bigware_43.php in Bigware Shop before 2.1.5 allows remote attackers to execute arbitrary SQL commands via the lastname parameter in a process action.
|
CWE-89
SQL Injection
|
CVE-2012-5317
|
2024-11-21 10:44 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
