|
301841
|
- |
|
cisco
|
ios_xr
asr_9000_rsp440_router
crs_performance_route_processor
|
Cisco IOS XR before 4.2.1 on ASR 9000 series devices and CRS series devices allows remote attackers to cause a denial of service (packet transmission outage) via a crafted packet, aka Bug IDs CSCty94…
|
CWE-20
Improper Input Validation
|
CVE-2012-2488
|
2024-11-21 10:39 |
2012-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301842
|
- |
|
captcha
|
cryptographp
|
CRLF injection vulnerability in cryptographp.inc.php in Cryptographp allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the cfg parameter.
|
NVD-CWE-Other
|
CVE-2012-2943
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301843
|
- |
|
haproxy
|
haproxy
|
Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2942
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301844
|
- |
|
yandex
|
yandex.server_2010
|
Cross-site scripting (XSS) vulnerability in search/ in Yandex.Server 2010 9.0 Enterprise allows remote attackers to inject arbitrary web script or HTML via the text parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2941
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301845
|
- |
|
mediachance
|
real-draw_pro
|
MediaChance Real-DRAW PRO 5.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted (1) PNG, (2) WMF, (3) PSD, (4) TGA, (5) TTF, (6) BMP, (7) TIFF, or (8) PCX file.
|
CWE-20
Improper Input Validation
|
CVE-2012-2940
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301846
|
- |
|
itechscripts
|
travelon_express
|
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airli…
|
NVD-CWE-Other
|
CVE-2012-2939
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301847
|
- |
|
itechscripts
|
travelon_express
|
Multiple cross-site scripting (XSS) vulnerabilities in Travelon Express 6.2.2 allow remote attackers to inject arbitrary web script or HTML via the holiday name field to (1) holiday_add.php or (2) ho…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2938
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301848
|
- |
|
pligg
|
pligg_cms
|
Multiple SQL injection vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) list parameter in a move action to admin/admin_index.php, (2) dis…
|
CWE-89
SQL Injection
|
CVE-2012-2937
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301849
|
- |
|
pligg
|
pligg_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) user or (2) page parameter to (a) admin/admin_c…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2936
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301850
|
- |
|
pligg
|
pligg_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter in a move or (2) minimize ac…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2436
|
2024-11-21 10:39 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
