|
297241
|
- |
|
wordpress
|
wordpress
|
wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requirement, which allows remote authenticated users to perform publish actions by leveraging the Contr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5270
|
2024-11-21 10:34 |
2014-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297242
|
- |
|
projectforge
|
projectforge
|
Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 allows remote authenticated users to inject arbitrary web script or HTML via a validation message.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5269
|
2024-11-21 10:34 |
2014-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297243
|
- |
|
op5
|
monitor
|
op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0264
|
2024-11-21 10:34 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297244
|
- |
|
op5
|
monitor
|
monitor/index.php in op5 Monitor and op5 Appliance before 5.5.1 allows remote authenticated users to obtain sensitive information such as database and user credentials via error messages that are tri…
|
CWE-200
Information Exposure
|
CVE-2012-0263
|
2024-11-21 10:34 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297245
|
- |
|
op5
|
monitor
system-op5config
|
op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password paramet…
|
CWE-94
Code Injection
|
CVE-2012-0262
|
2024-11-21 10:34 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297246
|
- |
|
op5
|
monitor
system-portal
|
license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for a…
|
CWE-94
Code Injection
|
CVE-2012-0261
|
2024-11-21 10:34 |
2014-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297247
|
- |
|
duckcorp
fedoraproject
|
bip
fedora
|
connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes…
|
CWE-310
Cryptographic Issues
|
CVE-2011-5268
|
2024-11-21 10:34 |
2013-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297248
|
- |
|
novell
|
suse_cloud
|
The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0434
|
2024-11-21 10:34 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297249
|
- |
|
opensuse
|
opensuse
|
yast2-add-on-creator in SUSE inst-source-utils 2008.11.26 before 2008.11.26-0.9.1 and 2012.9.13 before 2012.9.13-0.8.1 allows local users to gain privileges via a crafted (1) file name or (2) directo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0427
|
2024-11-21 10:34 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297250
|
- |
|
novell
|
suse_linux_enterprise_for_sap_applications
|
Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ dir…
|
CWE-362
Race Condition
|
CVE-2012-0426
|
2024-11-21 10:34 |
2013-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
