|
293541
|
- |
|
postgresql
|
postgresql
postgresql_jdbc_driver
|
Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with the "standard_conforming_strings" option enabled, such as the default configuration of PostgreSQL 9…
|
NVD-CWE-Other
|
CVE-2012-1618
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293542
|
- |
|
hans_nilsson
|
video_filter
|
Cross-site scripting (XSS) vulnerability in video_filter.codecs.inc in the Video Filter module 6.x-2.x and 7.x-2.x for Drupal allows remote attackers to inject arbitrary web script or HTML via the EM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1634
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293543
|
- |
|
lingotek
|
lingotek
|
Multiple cross-site scripting (XSS) vulnerabilities in the Lingotek module 6.x-1.x before 6.x-1.40 for Drupal allow remote authenticated users to inject arbitrary web script or HTML when (1) creating…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1624
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293544
|
- |
|
aidanlister
|
regcode
|
The Registration Codes module before 6.x-2.4 for Drupal does not restrict access to the registration code list, which might allow remote attackers to bypass intended registration restrictions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1623
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293545
|
- |
|
ez
|
ez_publish
|
Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and 4.6 has unknown impact and attack vectors related to an insecure direct object reference.
|
NVD-CWE-noinfo
|
CVE-2012-1565
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293546
|
- |
|
yuriy_v_semenikhin
|
yvs_image_gallery
|
Cross-site scripting (XSS) vulnerability in administration/create_album.php in YVS Image Gallery allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1564
|
2024-11-21 10:37 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293547
|
- |
|
nextbbs
|
nextbbs
|
Cross-site scripting (XSS) vulnerability in NextBBS 0.6 allows remote attackers to inject arbitrary web script or HTML via the do parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1604
|
2024-11-21 10:37 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293548
|
- |
|
nextbbs
|
nextbbs
|
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id paramet…
|
CWE-89
SQL Injection
|
CVE-2012-1603
|
2024-11-21 10:37 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293549
|
- |
|
nextbbs
|
nextbbs
|
user.php in NextBBS 0.6 allows remote attackers to bypass authentication and gain administrator access by setting the userkey cookie to 1.
|
CWE-287
Improper Authentication
|
CVE-2012-1602
|
2024-11-21 10:37 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293550
|
- |
|
ocportal
|
ocportal
|
Directory traversal vulnerability in catalogue_file.php in ocPortal before 7.1.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2012-1471
|
2024-11-21 10:37 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
