|
297051
|
6.5 |
MEDIUM
Network
|
plixer
|
scrutinizer_netflow_\&_sflow_analyzer
|
cgi-bin/userprefs.cgi in Plixer International Scrutinizer NetFlow & sFlow Analyzer before 9.0.1.19899 does not validate user permissions, which allow remote attackers to add user accounts with admini…
|
CWE-287
Improper Authentication
|
CVE-2012-1258
|
2024-11-21 10:36 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297052
|
6.1 |
MEDIUM
Network
|
ldap-account-manager
fedoraproject
debian
|
ldap_account_manager
fedora
debian_linux
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1115
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297053
|
6.1 |
MEDIUM
Network
|
ldap-account-manager
fedoraproject
debian
|
ldap_account_manager
fedora
debian_linux
|
A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1114
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297054
|
5.5 |
MEDIUM
Local
|
apereo
fedoraproject
debian
|
phpcas
fedora
debian_linux
|
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file…
|
CWE-200
Information Exposure
|
CVE-2012-1105
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297055
|
5.3 |
MEDIUM
Network
|
apereo
debian
|
phpcas
debian_linux
|
A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.
|
CWE-269
Improper Privilege Management
|
CVE-2012-1104
|
2024-11-21 10:36 |
2019-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297056
|
6.1 |
MEDIUM
Network
|
chyrp
|
chyrp
|
Multiple cross-site scripting (XSS) vulnerabilities in Chyrp before 2.1.2 and before 2.5 Beta 2 allow remote attackers to inject arbitrary web script or HTML via the (1) content parameter to includes…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1001
|
2024-11-21 10:36 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297057
|
5.5 |
MEDIUM
Local
|
pidgin
|
pidgin
|
Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2012-1257
|
2024-11-21 10:36 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297058
|
7.5 |
HIGH
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2012-1170
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297059
|
5.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
|
CWE-200
Information Exposure
|
CVE-2012-1169
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297060
|
4.3 |
MEDIUM
Network
|
moodle
fedoraproject
|
moodle
fedora
|
Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
|
CWE-200
Information Exposure
|
CVE-2012-1161
|
2024-11-21 10:36 |
2019-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
