| 290921 | - | redhat | openshift | Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in OpenShift 0.0.5 allows remote attackers to hijack the authen… | CWE-352 Origin Validation Error | CVE-2012-5622 | 2024-11-21 10:44 | 2012-12-18 |
| 290922 | - | owncloud | owncloud | Incomplete blacklist vulnerability in lib/filesystem.php in ownCloud before 4.0.9 and 4.5.x before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a spe… | CWE-20 Improper Input Validation | CVE-2012-5610 | 2024-11-21 10:44 | 2012-12-18 |
| 290923 | - | owncloud | owncloud | Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.5.2 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted mount.php file in a ZIP file. | NVD-CWE-Other | CVE-2012-5609 | 2024-11-21 10:44 | 2012-12-18 |
| 290924 | - | owncloud | owncloud | Cross-site scripting (XSS) vulnerability in apps/user_webdavauth/settings.php in ownCloud 4.5.x before 4.5.2 allows remote attackers to inject arbitrary web script or HTML via arbitrary POST paramete… | CWE-79 Cross-site Scripting | CVE-2012-5608 | 2024-11-21 10:44 | 2012-12-18 |
| 290925 | - | owncloud | owncloud | The "Lost Password" reset functionality in ownCloud before 4.0.9 and 4.5.0 does not properly check the security token, which allows remote attackers to change an account's password via unspecified vec… | CWE-255 Credentials Management | CVE-2012-5607 | 2024-11-21 10:44 | 2012-12-18 |
| 290926 | - | owncloud | owncloud | Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.9 and 4.5.0 allow remote attackers to inject arbitrary web script or HTML via the (1) file name to apps/files_versions/js/ve… | CWE-79 Cross-site Scripting | CVE-2012-5606 | 2024-11-21 10:44 | 2012-12-18 |
| 290927 | - | gimp | gimp | Multiple stack-based buffer overflows in file-xwd.c in the X Window Dump (XWD) plug-in in GIMP 2.8.2 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi… | CWE-787 Out-of-bounds Write | CVE-2012-5576 | 2024-11-21 10:44 | 2012-12-18 |
| 290928 | - | sensiolabs | symfony | lib/form/sfForm.class.php in Symfony CMS before 1.4.20 allows remote attackers to read arbitrary files via a crafted upload request. | CWE-264 Permissions, Privileges, and Access Controls | CVE-2012-5574 | 2024-11-21 10:44 | 2012-12-18 |
| 290929 | - | openstack | folsom | OpenStack Keystone, as used in OpenStack Folsom 2012.2, does not properly implement token expiration, which allows remote authenticated users to bypass intended authorization restrictions by creating… | CWE-255 Credentials Management | CVE-2012-5563 | 2024-11-21 10:44 | 2012-12-18 |
| 290930 | - | bogofilter_project | bogofilter | Heap-based buffer overflow in iconvert.c in the bogolexer component in Bogofilter before 1.2.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an … | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2012-5468 | 2024-11-21 10:44 | 2012-12-18 |