|
300111
|
6.1 |
MEDIUM
Network
|
apache
|
hupa
|
Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project. An attacker could send a carefully crafted email to a user of Hupa which wou…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3536
|
2024-11-21 10:41 |
2018-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300112
|
- |
|
arialsoftware
|
campaign_enterprise
|
Multiple SQL injection vulnerabilities in Campaign11.exe in Arial Software Campaign Enterprise before 11.0.551 allow remote attackers to execute arbitrary SQL commands via the (1) SerialNumber field …
|
CWE-89
SQL Injection
|
CVE-2012-3820
|
2024-11-21 10:41 |
2014-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300113
|
- |
|
qbnz
|
geshi
|
Cross-site scripting (XSS) vulnerability in contrib/langwiz.php in GeSHi before 1.0.8.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3522
|
2024-11-21 10:41 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300114
|
- |
|
qbnz
|
geshi
|
Multiple directory traversal vulnerabilities in the cssgen contrib module in GeSHi before 1.0.8.11 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) geshi-path or (2) geshi…
|
CWE-22
Path Traversal
|
CVE-2012-3521
|
2024-11-21 10:41 |
2014-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300115
|
- |
|
cisco
|
ios
|
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3946
|
2024-11-21 10:41 |
2014-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300116
|
- |
|
cisco
|
ios
catalyst_2900
catalyst_2900_vlan
catalyst_2900xl
|
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certa…
|
NVD-CWE-noinfo
|
CVE-2012-3918
|
2024-11-21 10:41 |
2014-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300117
|
- |
|
cisco
|
vc240_network_bullet_camera
video_surveillance_vc220_network_dome_camera
|
The Cisco VC220 and VC240 cameras allow remote attackers to cause a denial of service (WebUI outage) via crafted packets, aka Bug IDs CSCtf73188, CSCtf88059, CSCtf87951, CSCtf87908, and CSCtf88019.
|
NVD-CWE-noinfo
|
CVE-2012-3913
|
2024-11-21 10:41 |
2013-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300118
|
- |
|
apache
|
tomcat
|
Apache Tomcat 6.x before 6.0.37 and 7.x before 7.0.30 does not properly handle chunk extensions in chunked transfer coding, which allows remote attackers to cause a denial of service by streaming dat…
|
CWE-20
Improper Input Validation
|
CVE-2012-3544
|
2024-11-21 10:41 |
2013-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300119
|
- |
|
redhat
|
jboss_enterprise_portal_platform
|
Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecifie…
|
CWE-352
Origin Validation Error
|
CVE-2012-3532
|
2024-11-21 10:41 |
2013-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300120
|
- |
|
apache
|
http_server
|
Multiple cross-site scripting (XSS) vulnerabilities in the Apache HTTP Server 2.2.x before 2.2.24-dev and 2.4.x before 2.4.4 allow remote attackers to inject arbitrary web script or HTML via vectors …
|
CWE-79
Cross-site Scripting
|
CVE-2012-3499
|
2024-11-21 10:41 |
2013-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
