|
297161
|
- |
|
nikola_posa
|
webfoliocms1.0.8
webfoliocms1.0.7
webfoliocms1.1.3
webfoliocms1.0.4
webfoliocms1.0.5
webfoliocms1.1.1
webfoliocms1.1.2
webfoliocms1.0.2
webfoliocms1.0.9
webfoliocms1.1.0
Multiple cross-site request forgery (CSRF) vulnerabilities in Webfolio CMS 1.1.4 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an adminis…
|
CWE-352
Origin Validation Error
|
CVE-2012-1498
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
297162
|
- |
|
netmechanica
|
netdecision
|
The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in…
|
CWE-200
Information Exposure
|
CVE-2012-1466
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297163
|
- |
|
netmechanica
|
netdecision
|
Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NO…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1465
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297164
|
- |
|
netmechanica
|
netdecision
|
Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to ac…
|
CWE-200
Information Exposure
|
CVE-2012-1464
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297165
|
- |
|
webgrind_project
|
webgrind
|
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2012-1790
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297166
|
- |
|
tskynet
|
kongreg8
|
Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) surname or (2) firstname parameters to modules/members/…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1789
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297167
|
- |
|
wonderdesk
|
wonderdesk_sql
|
Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lo…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1788
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297168
|
- |
|
webglimpse
|
webglimpse
|
Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) FILE, or (3) DO…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1787
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297169
|
- |
|
kylegilman
|
video_embed_\&_thumbnail_generator
|
The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2012-1786
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297170
|
- |
|
kylegilman
|
video_embed_\&_thumbnail_generator
|
kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2012-1785
|
2024-11-21 10:37 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
