|
290861
|
- |
|
ocportal
|
ocportal
|
Open redirect vulnerability in index.php in ocPortal before 7.1.6 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-5234
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290862
|
- |
|
luke_herrington
|
stickynote
|
Cross-site scripting (XSS) vulnerability in the stickynote module before 7.x-1.1 for Drupal allows remote authenticated users with edit stickynotes privileges to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5233
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290863
|
- |
|
mediafire
|
mod_quick_form
|
Cross-site scripting (XSS) vulnerability in the Quickl Form component for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5232
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290864
|
- |
|
jessgramp
|
minicms
|
miniCMS 1.0 and 2.0 allows remote attackers to execute arbitrary PHP code via a crafted (1) pagename or (2) area variable containing an executable extension, which is not properly handled by (a) upda…
|
CWE-94
Code Injection
|
CVE-2012-5231
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290865
|
- |
|
harmistechnology
|
com_jesubmit
|
Unspecified vulnerability in the JE Story Submit (com_jesubmit) component before 1.9 for Joomla! has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-5230
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290866
|
- |
|
wordpress
|
slideshow_gallery2
|
Cross-site scripting (XSS) vulnerability in css/gallery-css.php in the Slideshow Gallery2 plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the border parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5229
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290867
|
- |
|
tincan
|
phplist
|
Cross-site scripting (XSS) vulnerability in admin/index.php in phplist 2.10.9, 2.10.17, and possibly other versions before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5228
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290868
|
- |
|
peel
|
peel_shopping
|
SQL injection vulnerability in administrer/tva.php in Peel SHOPPING 2.8 and 2.9 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2012-5227
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290869
|
- |
|
peel
|
peel_shopping
|
Multiple cross-site scripting (XSS) vulnerabilities in Peel SHOPPING 2.8 and 2.9 allow remote attackers to inject arbitrary web script or HTML via the (1) motclef parameter to achat/recherche.php or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5226
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
290870
|
- |
|
eliteweaver
|
xclick_cart
|
Cross-site scripting (XSS) vulnerability in webscr.php in xClick Cart 1.0.1 and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the shopping_url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-5225
|
2024-11-21 10:44 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
