|
296041
|
- |
|
emc
|
avamar
avamar_plugin
|
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to g…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2291
|
2024-11-21 10:38 |
2013-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296042
|
- |
|
redhat
squirrelmail
|
enterprise_linux
squirrelmail
|
functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial…
|
CWE-399
Resource Management Errors
|
CVE-2012-2124
|
2024-11-21 10:38 |
2013-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296043
|
- |
|
pizzashack
|
rssh
|
Incomplete blacklist vulnerability in rssh before 2.3.4, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via the --rsh command line option.
|
NVD-CWE-Other
|
CVE-2012-2252
|
2024-11-21 10:38 |
2013-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296044
|
- |
|
pizzashack
|
rssh
|
rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
|
CWE-20
Improper Input Validation
|
CVE-2012-2251
|
2024-11-21 10:38 |
2013-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296045
|
- |
|
apache
|
cxf
|
Apache CXF 2.4.5 through 2.4.7, 2.5.1 through 2.5.3, and 2.6.x before 2.6.1, does not properly enforce child policies of a WS-SecurityPolicy 1.1 SupportingToken policy on the client side, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2378
|
2024-11-21 10:38 |
2013-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296046
|
- |
|
apache
|
cxf
|
Apache CXF 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1, when a Supporting Token specifies a child WS-SecurityPolicy 1.1 or 1.2 policy, does not properly ensure that an XML element …
|
NVD-CWE-noinfo
|
CVE-2012-2379
|
2024-11-21 10:38 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296047
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2253
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296048
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to artefact/file/ and a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2247
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296049
|
- |
|
mahara
|
mahara
|
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.
|
CWE-20
Improper Input Validation
|
CVE-2012-2246
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296050
|
- |
|
mahara
|
mahara
|
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authent…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2244
|
2024-11-21 10:38 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
