|
291071
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4946
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291072
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue.
|
CWE-20
Improper Input Validation
|
CVE-2012-4945
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291073
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified …
|
NVD-CWE-Other
|
CVE-2012-4944
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291074
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-4943
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291075
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text fi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4942
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291076
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-4941
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291077
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4938
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291078
|
- |
|
patterninsight
|
pattern_insight
|
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie.
|
NVD-CWE-Other
|
CVE-2012-4937
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291079
|
- |
|
patterninsight
|
pattern_insight
|
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element.
|
NVD-CWE-Other
|
CVE-2012-4936
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291080
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2012-4935
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
