|
291291
|
- |
|
thomas_hunter
|
neoinvoice
|
SQL injection vulnerability in application/controllers/invoice.php in NeoInvoice might allow remote attackers to execute arbitrary SQL commands via vectors involving the sort_col variable in the list…
|
CWE-89
SQL Injection
|
CVE-2012-4673
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291292
|
- |
|
apple
|
ichat_server
|
Apple iChat Server does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
|
CWE-20
Improper Input Validation
|
CVE-2012-4672
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291293
|
- |
|
psyced
|
psyced
|
psyced before 20120821 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted.
|
CWE-20
Improper Input Validation
|
CVE-2012-4671
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291294
|
- |
|
tigase
|
tigase_xmpp_server
|
Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Author…
|
CWE-20
Improper Input Validation
|
CVE-2012-4670
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291295
|
- |
|
isode
|
m-link
|
M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses fo…
|
CWE-20
Improper Input Validation
|
CVE-2012-4669
|
2024-11-21 10:43 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291296
|
- |
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4668
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291297
|
- |
|
darold
|
squidclamav
|
Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url, (2) virus, (3) source, or (4) user par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4667
|
2024-11-21 10:43 |
2012-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291298
|
- |
|
websense
|
websense_email_security
|
The default configuration of the SMTP component in Websense Email Security 6.1 through 7.3 enables weak SSL ciphers in the "SurfControl plc\SuperScout Email Filter\SMTP" registry key, which makes it …
|
CWE-200
Information Exposure
|
CVE-2012-4605
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291299
|
- |
|
websense
|
websense_web_security
|
The TRITON management console in Websense Web Security before 7.6 Hotfix 24 allows remote attackers to bypass authentication and read arbitrary reports via a crafted uid field, in conjunction with a …
|
CWE-287
Improper Authentication
|
CVE-2012-4604
|
2024-11-21 10:43 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
291300
|
- |
|
mcafee
|
smartfilter_administration
|
McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which…
|
CWE-287
Improper Authentication
|
CVE-2012-4599
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
