|
301281
|
- |
|
apache
|
http_server
|
The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http.c in the mod_proxy_http module in the Apache HTTP Server 2.4.x before 2.4.3 does not properly determi…
|
CWE-200
Information Exposure
|
CVE-2012-3502
|
2024-11-21 10:41 |
2012-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301282
|
- |
|
redaxo
|
redaxo
|
Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote attackers to inject arbitrary web script or HTML via the subpage parameter to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-3869
|
2024-11-21 10:41 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301283
|
- |
|
phplist
|
phplist
|
SQL injection vulnerability in admin/index.php in phpList before 2.10.19 allows remote administrators to execute arbitrary SQL commands via the delete parameter to the editattributes page.
|
CWE-89
SQL Injection
|
CVE-2012-3953
|
2024-11-21 10:41 |
2012-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301284
|
- |
|
phplist
|
phplist
|
Cross-site scripting (XSS) vulnerability in admin/index.php in phpList before 2.10.19 allows remote attackers to inject arbitrary web script or HTML via the unconfirmed parameter to the user page.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3952
|
2024-11-21 10:41 |
2012-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301285
|
- |
|
rsgallery2
|
com_rsgallery2
|
SQL injection vulnerability in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to execute arbitrary SQL commands …
|
CWE-89
SQL Injection
|
CVE-2012-3554
|
2024-11-21 10:41 |
2012-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301286
|
- |
|
puppetlabs
puppet
debian
canonical
suse
opensuse
|
puppet
debian_linux
ubuntu_linux
linux_enterprise_server
linux_enterprise_desktop
opensuse
puppet_enterprise
|
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Ce…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3867
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301287
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration in…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-3866
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301288
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remot…
|
CWE-22
Path Traversal
|
CVE-2012-3865
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301289
|
- |
|
puppetlabs
puppet
|
puppet
puppet_enterprise
|
Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user…
|
CWE-200
Information Exposure
|
CVE-2012-3864
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301290
|
- |
|
bitcoin
|
bitcoin_core
|
Unspecified vulnerability in bitcoind and Bitcoin-Qt before 0.4.7rc3, 0.5.x before 0.5.6rc3, 0.6.0.x before 0.6.0.9rc1, and 0.6.x before 0.6.3rc1 allows remote attackers to cause a denial of service …
|
NVD-CWE-noinfo
|
CVE-2012-3789
|
2024-11-21 10:41 |
2012-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
