|
291081
|
- |
|
novell
|
file_reporter
|
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of…
|
CWE-22
Path Traversal
|
CVE-2012-4959
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291082
|
- |
|
novell
|
file_reporter
|
Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an …
|
CWE-22
Path Traversal
|
CVE-2012-4958
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291083
|
- |
|
novell
|
file_reporter
|
Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an…
|
CWE-22
Path Traversal
|
CVE-2012-4957
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291084
|
- |
|
novell
|
file_reporter
|
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4956
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291085
|
- |
|
pgbouncer_project
|
pgbouncer
|
The add_database function in objects.c in the pgbouncer pooler 1.5.2 for PostgreSQL allows remote attackers to cause a denial of service (daemon outage) via a long database name in a request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4575
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291086
|
- |
|
emc
|
rsa_data_protection_manager_appliance
|
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypas…
|
CWE-287
Improper Authentication
|
CVE-2012-4613
|
2024-11-21 10:43 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291087
|
- |
|
emc
|
rsa_data_protection_manager_appliance
rsa_data_protection_manager_software_server
|
Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4612
|
2024-11-21 10:43 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291088
|
- |
|
dell
|
openmanage_server_administrator
|
Cross-site scripting (XSS) vulnerability in Dell OpenManage Server Administrator (OMSA) before 6.5.0.1, 7.0 before 7.0.0.1, and 7.1 before 7.1.0.1 allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4955
|
2024-11-21 10:43 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291089
|
- |
|
vanillaforums
|
vanilla_forums
vanilla
|
The edit-profile page in Vanilla Forums before 2.1a32 allows remote authenticated users to modify arbitrary profile settings by replacing the UserID value during a man-in-the-middle attack, related t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4954
|
2024-11-21 10:43 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291090
|
- |
|
verifone
|
vericentre_web_console
|
Multiple SQL injection vulnerabilities in terminal/paramedit.aspx in VeriFone VeriCentre Web Console before 2.2 build 36 allow remote attackers to execute arbitrary SQL commands via the (1) TerminalI…
|
CWE-89
SQL Injection
|
CVE-2012-4951
|
2024-11-21 10:43 |
2012-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
