|
297461
|
- |
|
palo_alto
|
networks
global_protected_gateway
ssl_vpn
|
Cross-site scripting (XSS) vulnerability in global-protect/login.esp in Palo Alto Networks Global Protect Portal, Global Protect Gateway, and SSL VPN portals 3.1.x through 3.1.11 and 4.0.x through 4.…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4043
|
2024-11-21 10:42 |
2012-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297462
|
- |
|
asp-dev
|
xm_diary
|
Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diary_view.asp or (2) view_date parameter to default.as…
|
CWE-89
SQL Injection
|
CVE-2012-4061
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297463
|
- |
|
asp-dev
|
xm_forums
|
Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp.
|
CWE-89
SQL Injection
|
CVE-2012-4060
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297464
|
- |
|
socketmail
|
socketmail
|
Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user sec…
|
CWE-352
Origin Validation Error
|
CVE-2012-4059
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297465
|
- |
|
socketmail
|
socketmail
|
Cross-site scripting (XSS) vulnerability in SocketMail Pro 2.2.9 allows remote attackers to inject arbitrary web script or HTML via the subject of an email.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4058
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297466
|
- |
|
twd-industries
|
remote-anything
|
Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote attackers to execute arbitrary code via a crafted flm file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4057
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297467
|
- |
|
uiga
|
personal_portal
|
SQL injection vulnerability in index2.php in Uiga Personal Portal allows remote attackers to execute arbitrary SQL commands via the p parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4056
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297468
|
- |
|
uiga
|
fan_club
|
SQL injection vulnerability in index2.php in Uiga Fan Club allows remote attackers to execute arbitrary SQL commands via the p parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4055
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297469
|
- |
|
cpe17
|
autorun_killer
|
Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4054
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297470
|
- |
|
ez
|
ez_publish
|
Cross-site request forgery (CSRF) vulnerability in eZOE flash player in eZ Publish 4.1 through 4.6 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-4053
|
2024-11-21 10:42 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
