|
293971
|
- |
|
impresscms
|
impresscms
|
Directory traversal vulnerability in edituser.php in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allows remote authenticated users to include and execute arbitrary local files vi…
|
CWE-22
Path Traversal
|
CVE-2012-0987
|
2024-11-21 10:36 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293972
|
- |
|
impresscms
|
impresscms
|
Multiple cross-site scripting (XSS) vulnerabilities in ImpressCMS 1.2.x before 1.2.7 Final and 1.3.x before 1.3.1 Final allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0986
|
2024-11-21 10:36 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293973
|
- |
|
python
|
python
|
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dep…
|
CWE-310
Cryptographic Issues
|
CVE-2012-1150
|
2024-11-21 10:36 |
2012-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293974
|
- |
|
oneorzero
|
action_and_information_management_system
|
Cross-site scripting (XSS) vulnerability in OneOrZero AIMS 2.8.0 Trial Edition build231211 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to ind…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0989
|
2024-11-21 10:36 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293975
|
- |
|
ubiquity_slideshow_team
|
ubiquity-slideshow-ubuntu
|
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0956
|
2024-11-21 10:36 |
2012-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293976
|
- |
|
fork-cms
|
fork_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) type or (2) querystring parameters to private/en…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1188
|
2024-11-21 10:36 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293977
|
- |
|
joomla
|
joomla\!
|
Cross-site scripting (XSS) vulnerability in Joomla! 2.5.0 and 2.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1117
|
2024-11-21 10:36 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293978
|
- |
|
joomla
|
joomla\!
|
SQL injection vulnerability in Joomla! 1.7.x and 2.5.x before 2.5.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-1116
|
2024-11-21 10:36 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293979
|
- |
|
ulli_horlacher
|
fex
|
Multiple cross-site scripting (XSS) vulnerabilities in fup in Frams' Fast File EXchange (F*EX, aka fex) before 20111129-2 allow remote attackers to inject arbitrary web script or HTML via the (1) to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1293
|
2024-11-21 10:36 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293980
|
- |
|
notmuchmail
|
notmuch
|
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an …
|
CWE-20
Improper Input Validation
|
CVE-2012-1103
|
2024-11-21 10:36 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
