|
301441
|
- |
|
adobe
|
flash_player
air
air_sdk
|
Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4163
|
2024-11-21 10:42 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301442
|
- |
|
phpmyadmin
|
phpmyadmin
|
show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, relate…
|
CWE-200
Information Exposure
|
CVE-2012-4219
|
2024-11-21 10:42 |
2012-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301443
|
- |
|
adobe
|
acrobat_reader
|
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF docume…
|
NVD-CWE-noinfo
|
CVE-2012-4363
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301444
|
- |
|
hp
|
san\/iq
|
hydra.exe in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance has a hardcoded password of L0CAlu53R for the global$agent account, which allows remote attackers to obtain access to a management se…
|
CWE-255
Credentials Management
|
CVE-2012-4362
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301445
|
- |
|
hp
|
san\/iq
|
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote authenticated users to execute arbitrary commands via shell metacharacters in the second parameter.
|
CWE-78
OS Command
|
CVE-2012-4361
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301446
|
- |
|
tecnick
|
tcexam
|
Cross-site scripting (XSS) vulnerability in admin/code/tce_edit_answer.php in TCExam before 11.3.008 allows remote authenticated users with level 5 or greater permissions to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4238
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301447
|
- |
|
tecnick
|
tcexam
|
Multiple SQL injection vulnerabilities in TCExam before 11.3.008 allow remote authenticated users with level 5 or greater permissions to execute arbitrary SQL commands via the subject_module_id param…
|
CWE-89
SQL Injection
|
CVE-2012-4237
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301448
|
- |
|
jease
|
jease
|
Multiple cross-site scripting (XSS) vulnerabilities in Jease before 2.9, when creating a comment, allow remote attackers to inject arbitrary web script or HTML via the (1) author, (2) subject, or (3)…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4052
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301449
|
- |
|
totalshopuk
|
ecommerce
|
Cross-site scripting (XSS) vulnerability in the refresh_page function in application/modules/_main/views/_top.php in Total Shop UK eCommerce Open Source before 2.1.2_p1 allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4236
|
2024-11-21 10:42 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301450
|
- |
|
sielcosistemi
|
winlog_pro
winlog_lite
|
Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of servic…
|
CWE-20
Improper Input Validation
|
CVE-2012-4359
|
2024-11-21 10:42 |
2012-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
