|
302411
|
- |
|
ivano_binetti
|
wolf_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user[name], (2) us…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1898
|
2024-11-21 10:38 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302412
|
- |
|
wolfcms
|
wolf_cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via th…
|
CWE-352
Origin Validation Error
|
CVE-2012-1897
|
2024-11-21 10:38 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302413
|
- |
|
devscripts_devel_team
|
devscripts
|
scripts/dget.pl in devscripts before 2.10.73 allows remote attackers to execute arbitrary commands via a crafted (1) .dsc or (2) .changes file, related to "arguments to external commands" that are no…
|
CWE-20
Improper Input Validation
|
CVE-2012-2242
|
2024-11-21 10:38 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302414
|
- |
|
devscripts_devel_team
|
devscripts
|
scripts/dget.pl in devscripts before 2.12.3 allows remote attackers to delete arbitrary files via a crafted (1) .dsc or (2) .changes file, probably related to a NULL byte in a filename.
|
CWE-20
Improper Input Validation
|
CVE-2012-2241
|
2024-11-21 10:38 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302415
|
- |
|
devscripts_devel_team
|
devscripts
|
scripts/dscverify.pl in devscripts before 2.12.3 allows remote attackers to execute arbitrary commands via unspecified vectors related to "arguments to external commands."
|
CWE-20
Improper Input Validation
|
CVE-2012-2240
|
2024-11-21 10:38 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302416
|
- |
|
drupal
|
drupal
|
Drupal 7.x before 7.14 does not properly restrict access to nodes in a list when using a "contributed node access module," which allows remote authenticated users with the "Access the content overvie…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2153
|
2024-11-21 10:38 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302417
|
- |
|
apache
|
qpid
|
Apache Qpid 0.17 and earlier does not properly restrict incoming client connections, which allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of inc…
|
CWE-399
Resource Management Errors
|
CVE-2012-2145
|
2024-11-21 10:38 |
2012-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302418
|
- |
|
ibm
|
websphere_mq
|
The server message channel agent in the queue manager in the server in IBM WebSphere MQ 7.0.1 before 7.0.1.9, 7.1, and 7.5 on Solaris allows remote attackers to cause a denial of service (invalid add…
|
CWE-399
Resource Management Errors
|
CVE-2012-2199
|
2024-11-21 10:38 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302419
|
- |
|
ibm
|
remote_supervisor_adapter_ii_firmware
|
IBM Remote Supervisor Adapter II firmware for System x3650, x3850 M2, and x3950 M2 1.13 and earlier generates weak RSA keys, which makes it easier for attackers to defeat cryptographic protection mec…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2187
|
2024-11-21 10:38 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302420
|
- |
|
emc
|
rsa_authentication_agent
rsa_authentication_client
|
The authentication functionality in EMC RSA Authentication Agent 7.1 and RSA Authentication Client 3.5 on Windows XP and Windows Server 2003, when an unspecified configuration exists, allows remote a…
|
CWE-287
Improper Authentication
|
CVE-2012-2287
|
2024-11-21 10:38 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
