|
301831
|
- |
|
nikola_posa
|
webfoliocms
|
Multiple cross-site scripting (XSS) vulnerabilities in webfolio/admin/users/edit in Webfolio CMS 1.1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1899
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301832
|
- |
|
teamst
|
testlink
|
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and earlier allow remote attackers to hijack the authentication of users for requests that add, delete, or modify sensitiv…
|
CWE-352
Origin Validation Error
|
CVE-2012-2275
|
2024-11-21 10:38 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301833
|
- |
|
adobe
|
coldfusion
|
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-2048
|
2024-11-21 10:38 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301834
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Mana…
|
CWE-200
Information Exposure
|
CVE-2012-2185
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301835
|
- |
|
ibm
|
tivoli_asset_management_for_it
smartcloud_control_desk
change_and_configuration_management_database
maximo_asset_management
maximo_service_desk
tivoli_service_request_manager
|
Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk,…
|
NVD-CWE-Other
|
CVE-2012-2184
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301836
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk,…
|
NVD-CWE-Other
|
CVE-2012-2183
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301837
|
- |
|
openkm
|
openkm
|
Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrat…
|
CWE-352
Origin Validation Error
|
CVE-2012-2316
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301838
|
- |
|
openkm
|
openkm
|
admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2315
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301839
|
- |
|
open-emr
|
openemr
|
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.
|
CWE-89
SQL Injection
|
CVE-2012-2115
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301840
|
- |
|
chatelao
|
php_address_book
|
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. NOTE: the index…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1912
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
