|
292961
|
- |
|
itechscripts
|
travelon_express
|
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) ho…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2938
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292962
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) list parameter in a move action to admin/admin_index.php, (2) dis…
|
CWE-89
SQL Injection
|
CVE-2012-2937
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292963
|
- |
|
pligg
|
pligg_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) page parameter to (a) admin/admin_c…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2936
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292964
|
- |
|
pligg
|
pligg_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter in a move or (2) minimize ac…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2436
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292965
|
- |
|
pligg
|
pligg_cms
|
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha para…
|
CWE-22
Path Traversal
|
CVE-2012-2435
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292966
|
- |
|
oscommerce
|
online_merchant
|
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Shop/Application/Checkout/pages/main.php in OSCommerce Online Merchant 3.0.2 allows remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2935
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292967
|
- |
|
seagate
|
blackarmor_nas
|
d41d8cd98f00b204e9800998ecf8427e.php in the management web server on the Seagate BlackArmor device allows remote attackers to change the administrator password via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2568
|
2024-11-21 10:39 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292968
|
- |
|
xarrow
|
xarrow
|
The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-189
Numeric Errors
|
CVE-2012-2429
|
2024-11-21 10:39 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292969
|
- |
|
xarrow
|
xarrow
|
Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.
|
CWE-189
Numeric Errors
|
CVE-2012-2428
|
2024-11-21 10:39 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292970
|
- |
|
xarrow
|
xarrow
|
Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2427
|
2024-11-21 10:39 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
