|
291251
|
- |
|
awpcp
|
another_wordpress_classifieds_plugin
|
Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."
|
NVD-CWE-noinfo
|
CVE-2012-4874
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291252
|
- |
|
sir
|
gnuboard
|
Cross-site scripting (XSS) vulnerability in the file_download function in GNUBoard before 4.34.21 allows remote attackers to inject arbitrary web script or HTML via the filename parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4873
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291253
|
- |
|
kayako
|
kayako_fusion
|
Cross-site scripting (XSS) vulnerability in Tickets/Submit in Kayako Fusion before 4.40.985 allows remote attackers to inject arbitrary web script or HTML via certain vectors, possibly a crafted tick…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4872
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291254
|
- |
|
litespeedtech
|
litespeed_web_server
|
Cross-site scripting (XSS) vulnerability in service/graph_html.php in the administrator panel in LiteSpeed Web Server 4.1.11 allows remote attackers to inject arbitrary web script or HTML via the gti…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4871
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291255
|
- |
|
sangoma
|
freepbx
|
Multiple cross-site scripting (XSS) vulnerabilities in FreePBX 2.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) context parameter to panel/index_amp.php or (2…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4870
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291256
|
- |
|
sangoma
|
freepbx
|
The callme_startcall function in recordings/misc/callme_page.php in FreePBX 2.9, 2.10, and earlier allows remote attackers to execute arbitrary commands via the callmenum parameter in a c action.
|
CWE-94
Code Injection
|
CVE-2012-4869
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291257
|
- |
|
kunena
|
kunena
|
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4868
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291258
|
- |
|
vtiger
|
vtiger_crm
|
Directory traversal vulnerability in modules/com_vtiger_workflow/sortfieldsjson.php in vtiger CRM 5.1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the module_name parameter.
|
CWE-22
Path Traversal
|
CVE-2012-4867
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291259
|
- |
|
xtremerat
|
xtremerat
|
Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder a…
|
NVD-CWE-Other
|
CVE-2012-4866
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291260
|
- |
|
oreans
|
themida
|
Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to execute arbitrary code via a crafted .TMD file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4865
|
2024-11-21 10:43 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
