|
301941
|
- |
|
sven_decabooter
|
uc_paydutchgroup_\/_wedeal_payment
|
Unspecified vulnerability in the UC PayDutchGroup / WeDeal payment module 6.x-1.0 for Drupal allows remote authenticated users to obtain account credentials via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2012-1655
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301942
|
- |
|
alex_barth
|
data
|
Multiple cross-site scripting (XSS) vulnerabilities in the Data module 6.x-1.x before 6.x-1.0 and 7.x-1.x before 7.x-1.0-alpha3 for Drupal allow remote authenticated users with the administer data ta…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1654
|
2024-11-21 10:37 |
2012-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301943
|
- |
|
microsoft
|
visual_studio_team_foundation_server
|
Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "X…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1892
|
2024-11-21 10:37 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301944
|
- |
|
danielb
|
cool_aid
|
Cool Aid module before 6.x-1.9 for Drupal does not enforce access restrictions, which allows remote authenticated users with the administer coolaid permission to modify arbitrary pages via unspecifie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1649
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301945
|
- |
|
danielb
|
cool_aid
|
Cross-site scripting (XSS) vulnerability in the Cool Aid module before 6.x-1.9 for Drupal allows remote authenticated users with the administer coolaid permission to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1648
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301946
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in the wikitext parser in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1582
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301947
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1581
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301948
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in Special:Upload in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allows remote attackers to hijack the authentication of unspecified victim…
|
CWE-352
Origin Validation Error
|
CVE-2012-1580
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301949
|
- |
|
mediawiki
|
mediawiki
|
The resource loader in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 includes private data such as CSRF tokens in a JavaScript file, which allows remote attackers to obtain sensitive inform…
|
CWE-200
Information Exposure
|
CVE-2012-1579
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301950
|
- |
|
mediawiki
|
mediawiki
|
Multiple cross-site request forgery (CSRF) vulnerabilities in MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 allow remote attackers to hijack the authentication of users with the block permi…
|
CWE-352
Origin Validation Error
|
CVE-2012-1578
|
2024-11-21 10:37 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
