|
297711
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 use an XOR format for password encryption, which makes it easier for context-dependent attackers to obtain sensitive information by reading a…
|
CWE-310
Cryptographic Issues
|
CVE-2012-4946
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297712
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection" issue.
|
CWE-20
Improper Input Validation
|
CVE-2012-4945
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297713
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified …
|
NVD-CWE-Other
|
CVE-2012-4944
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297714
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requ…
|
CWE-352
Origin Validation Error
|
CVE-2012-4943
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297715
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple cross-site scripting (XSS) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to inject arbitrary web script or HTML via an arbitrary text fi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4942
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297716
|
- |
|
agilefleet
|
fleetcommander
fleetcommander_kiosk
|
Multiple SQL injection vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-4941
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297717
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site scripting (XSS) vulnerability in the web interface in Pattern Insight 2.3 allows remote authenticated administrators to inject arbitrary web script or HTML via the banner message.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4938
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297718
|
- |
|
patterninsight
|
pattern_insight
|
Session fixation vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack web sessions via a jsession_id cookie.
|
NVD-CWE-Other
|
CVE-2012-4937
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297719
|
- |
|
patterninsight
|
pattern_insight
|
The web interface in Pattern Insight 2.3 allows remote attackers to conduct clickjacking attacks via a FRAME element.
|
NVD-CWE-Other
|
CVE-2012-4936
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297720
|
- |
|
patterninsight
|
pattern_insight
|
Cross-site request forgery (CSRF) vulnerability in the web interface in Pattern Insight 2.3 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2012-4935
|
2024-11-21 10:43 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
