|
295991
|
- |
|
sean_robertson
|
forward
|
The Forward module 6.x-1.x before 6.x-1.21 and 7.x-1.x before 7.x-1.3 for Drupal does not properly enforce permissions for (1) Recent forwards, (2) Most forwarded, or (3) Dynamic blocks, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1056
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295992
|
- |
|
pl32
|
photoline
|
Heap-based buffer overflow in PhotoLine 17.01 and possibly other versions before 17.02 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1055
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295993
|
- |
|
ivanview
|
ivanview
|
Buffer overflow in IvanView 1.2.15 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1052
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295994
|
- |
|
xnview
|
xnview
|
Heap-based buffer overflow in Xjp2.dll in the JPEG2000 plug-in in XnView 1.98.5 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) m…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1051
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295995
|
- |
|
mathopd
|
mathopd
|
Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x before 1.5p7, when configured with the * construct for mass virtual hosting, allows remote attackers to read arbitrary files via a crafted…
|
CWE-22
Path Traversal
|
CVE-2012-1050
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295996
|
- |
|
manageengine
|
admanager_plus
|
Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine ADManager Plus 5.2 Build 5210 allow remote attackers to inject arbitrary web script or HTML via the (1) domainName parameter to jsp…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1049
|
2024-11-21 10:36 |
2012-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295997
|
- |
|
efrontlearning
|
efront_community_\+\+
|
Cross-site scripting (XSS) vulnerability in communityplusplus/www/administrator.php in eFront Community++ edition 3.6.10, and possibly other editions, allows remote attackers to inject arbitrary web …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1048
|
2024-11-21 10:36 |
2012-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295998
|
- |
|
cyberoam
|
cyberoam_central_console
|
Directory traversal vulnerability in the WWWHELP Service (js/html/wwhelp.htm) in Cyberoam Central Console (CCC) 2.00.2 allows remote attackers to include and execute arbitrary local files via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2012-1047
|
2024-11-21 10:36 |
2012-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295999
|
- |
|
ibm
|
cognos_tm1
|
Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1046
|
2024-11-21 10:36 |
2012-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296000
|
- |
|
adacore
|
ada_web_services
|
AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a …
|
CWE-20
Improper Input Validation
|
CVE-2012-1035
|
2024-11-21 10:36 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
