|
303341
|
- |
|
orangehrm
|
orangehrm
|
Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.7 allow remote attackers to inject arbitrary web script or HTML via the (1) newHspStatus parameter to plugins/ajaxCalls/haltR…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1507
|
2024-11-21 10:37 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303342
|
- |
|
orangehrm
|
orangehrm
|
SQL injection vulnerability in the updateStatus function in lib/models/benefits/Hsp.php in OrangeHRM before 2.7 allows remote authenticated users to execute arbitrary SQL commands via the hspSummaryI…
|
CWE-89
SQL Injection
|
CVE-2012-1506
|
2024-11-21 10:37 |
2014-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303343
|
- |
|
synology
|
diskstation_manager
synology_photo_station
|
Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to ph…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1556
|
2024-11-21 10:37 |
2014-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303344
|
- |
|
sixapart
|
movable_type
|
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.
|
CWE-79
Cross-site Scripting
|
CVE-2012-1503
|
2024-11-21 10:37 |
2014-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303345
|
- |
|
apache
|
ofbiz
|
Multiple cross-site scripting (XSS) vulnerabilities in Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.02 allow remote attackers to inject arbitrary web script or HTML via (1) a par…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1621
|
2024-11-21 10:37 |
2014-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303346
|
- |
|
phppgadmin_project
opensuse
|
phppgadmin
opensuse
|
Multiple cross-site scripting (XSS) vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) name or (2) type of a functio…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1600
|
2024-11-21 10:37 |
2014-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303347
|
- |
|
danielb
|
finder
|
Cross-site scripting (XSS) vulnerability in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1561
|
2024-11-21 10:37 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303348
|
- |
|
cms_tree_page_view_project
|
cms_tree_page_view
|
Cross-site scripting (XSS) vulnerability in the cms_tpv_admin_head function in functions.php in the CMS Tree Page View plugin before 0.8.9 for WordPress allows remote attackers to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1834
|
2024-11-21 10:37 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303349
|
- |
|
fedoraproject
redhat
|
fedora
enterprise_linux
|
The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bi…
|
NVD-CWE-noinfo
|
CVE-2012-1568
|
2024-11-21 10:37 |
2013-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303350
|
- |
|
oracle
|
javafx
|
Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a diff…
|
NVD-CWE-noinfo
|
CVE-2012-1543
|
2024-11-21 10:37 |
2013-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
