|
301791
|
- |
|
episerver
|
episerver_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in the admin interface in EPiServer CMS through 6R2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1034
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301792
|
- |
|
episerver
|
episerver_cms
|
Unspecified vulnerability in EPiServer CMS 5 and 6 through 6R2, in certain configurations using Forms Authentication, allows remote authenticated users to obtain WebAdmins access by leveraging Edit M…
|
NVD-CWE-noinfo
|
CVE-2012-1031
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301793
|
- |
|
officesip
|
officesip_server
|
OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
|
CWE-20
Improper Input Validation
|
CVE-2012-1008
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301794
|
- |
|
foswiki
|
foswiki
|
Multiple cross-site scripting (XSS) vulnerabilities in UI/Register.pm in Foswiki before 1.1.5 allow remote authenticated users with CHANGE privileges to inject arbitrary web script or HTML via the (1…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1004
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301795
|
- |
|
zakongroup
|
openconf
|
SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
|
NVD-CWE-noinfo
|
CVE-2012-1002
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301796
|
- |
|
tubeace
|
tube_ace
|
SQL injection vulnerability in mobile/search/index.php in Tube Ace (Adult PHP Tube Script) 1.6 allows remote attackers to execute arbitrary SQL commands via the q parameter. NOTE: some of these deta…
|
CWE-89
SQL Injection
|
CVE-2012-1029
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301797
|
- |
|
simple-groupware
|
simplegroupware
|
Cross-site scripting (XSS) vulnerability in bin/index.php in SimpleGroupware 0.742 and other versions before 0.743 allows remote attackers to inject arbitrary web script or HTML via the export parame…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1028
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301798
|
- |
|
project-open
|
\]project-open\[
|
Cross-site scripting (XSS) vulnerability in account-closed.tcl in ]project-open[ (aka ]po[) 3.4.x, 3.5.0.1-2, and possibly other versions allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1027
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301799
|
- |
|
johannes_ekberg
|
xray_cms
|
Multiple SQL injection vulnerabilities in login2.php in XRay CMS 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameters.
|
CWE-89
SQL Injection
|
CVE-2012-1026
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301800
|
- |
|
dream-multimedia-tv
|
enigma2_webinterface
|
Absolute path traversal vulnerability in file in Enigma2 Webinterface 1.6.0 through 1.6.8, 1.6rc3, and 1.7.0 allows remote attackers to read arbitrary files via a full pathname in the file parameter.
|
CWE-22
Path Traversal
|
CVE-2012-1025
|
2024-11-21 10:36 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
