|
296271
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to obtain the session tokens of…
|
CWE-200
Information Exposure
|
CVE-2012-4583
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296272
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote authenticated users to reset the passwords of arbit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4582
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296273
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, does not disable the server-side session token upon the closing o…
|
CWE-287
Improper Authentication
|
CVE-2012-4581
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296274
|
- |
|
mcafee
|
email_and_web_security
email_gateway
|
Cross-site scripting (XSS) vulnerability in McAfee Email and Web Security (EWS) 5.x before 5.5 Patch 6 and 5.6 before Patch 3, and McAfee Email Gateway (MEG) 7.0 before Patch 1, allows remote attacke…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4580
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296275
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations (1) TRUNCATE or (…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4579
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296276
|
- |
|
pawel_jakub_dawidek
|
geli
|
The geli encryption provider 7 before r239184 on FreeBSD 10 uses a weak Master Key, which makes it easier for local users to defeat a cryptographic protection mechanism via a brute-force attack.
|
CWE-310
Cryptographic Issues
|
CVE-2012-4578
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296277
|
- |
|
korenix
|
jetport
|
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, …
|
CWE-255
Credentials Management
|
CVE-2012-4577
|
2024-11-21 10:43 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296278
|
8.1 |
HIGH
Network
|
mediawiki
|
mediawiki
|
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2012-4381
|
2024-11-21 10:42 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296279
|
6.1 |
MEDIUM
Network
|
chamilo
|
chamilo
|
Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the category_name parameter in an a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4029
|
2024-11-21 10:42 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296280
|
8.8 |
HIGH
Network
|
contao
|
contao
|
contao prior to 2.11.4 has a sql injection vulnerability
|
CWE-89
SQL Injection
|
CVE-2012-4383
|
2024-11-21 10:42 |
2020-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
