|
302011
|
- |
|
nijskens_raf
|
admintools
|
Cross-site scripting (XSS) vulnerability in the Admin tools module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2060
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302012
|
- |
|
steve_lockwood
|
ticketyboo_news_ticker
|
Cross-site scripting (XSS) vulnerability in the ticketyboo News Ticker module for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2059
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302013
|
- |
|
paypal
|
ubercart_payflow
|
The Ubercart Payflow module for Drupal does not use a secure token, which allows remote attackers to forge payments via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2058
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302014
|
- |
|
miura
|
ubercart_bulk_stock_updater
|
Cross-site request forgery (CSRF) vulnerability in the Ubercart Bulk Stock Updater module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors re…
|
CWE-352
Origin Validation Error
|
CVE-2012-2057
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302015
|
- |
|
nathan_brink
|
content_lock
|
Cross-site request forgery (CSRF) vulnerability in the Content Lock module for Drupal allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-2056
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302016
|
- |
|
nikola_posa
|
webfoliocms
|
Multiple cross-site scripting (XSS) vulnerabilities in webfolio/admin/users/edit in Webfolio CMS 1.1.4 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) First name…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1899
|
2024-11-21 10:38 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302017
|
- |
|
teamst
|
testlink
|
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and earlier allow remote attackers to hijack the authentication of users for requests that add, delete, or modify sensitiv…
|
CWE-352
Origin Validation Error
|
CVE-2012-2275
|
2024-11-21 10:38 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302018
|
- |
|
adobe
|
coldfusion
|
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-2048
|
2024-11-21 10:38 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302019
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Mana…
|
CWE-200
Information Exposure
|
CVE-2012-2185
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302020
|
- |
|
ibm
|
tivoli_asset_management_for_it
smartcloud_control_desk
change_and_configuration_management_database
maximo_asset_management
maximo_service_desk
tivoli_service_request_manager
|
Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk,…
|
NVD-CWE-Other
|
CVE-2012-2184
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
