|
294251
|
- |
|
flyspray
|
flyspray
|
Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an admin.newuser action to …
|
CWE-352
Origin Validation Error
|
CVE-2012-1058
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294252
|
- |
|
sean_robertson
|
forward
|
Cross-site request forgery (CSRF) vulnerability in the clickthrough tracking functionality in the Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers …
|
CWE-352
Origin Validation Error
|
CVE-2012-1057
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294253
|
- |
|
sean_robertson
|
forward
|
The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1056
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294254
|
- |
|
pl32
|
photoline
|
Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1055
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294255
|
- |
|
ivanview
|
ivanview
|
Buffer overflow in IvanView 1.2.15 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1052
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294256
|
- |
|
xnview
|
xnview
|
Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1051
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294257
|
- |
|
mathopd
|
mathopd
|
Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted…
|
CWE-22
Path Traversal
|
CVE-2012-1050
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294258
|
- |
|
manageengine
|
admanager_plus
|
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote attackers to inject arbitrary web script or HTML via the (1) domainName parameter to jsp…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1049
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294259
|
- |
|
efrontlearning
|
efront_community_\+\+
|
Cross-site scripting (XSS) vulnerability in communityplusplus/www/administrator.php in eFront Community++ edition 3.6.10, and possibly other editions, allows remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1048
|
2024-11-21 10:36 |
2012-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294260
|
- |
|
cyberoam
|
cyberoam_central_console
|
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2012-1047
|
2024-11-21 10:36 |
2012-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
