|
302431
|
- |
|
teamst
|
testlink
|
Multiple cross-site request forgery (CSRF) vulnerabilities in TestLink 1.9.3 and earlier allow remote attackers to hijack the authentication of users for requests that add, delete, or modify sensitiv…
|
CWE-352
Origin Validation Error
|
CVE-2012-2275
|
2024-11-21 10:38 |
2012-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302432
|
- |
|
adobe
|
coldfusion
|
Unspecified vulnerability in Adobe ColdFusion 10 and earlier allows attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-2048
|
2024-11-21 10:38 |
2012-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302433
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Mana…
|
CWE-200
Information Exposure
|
CVE-2012-2185
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302434
|
- |
|
ibm
|
tivoli_asset_management_for_it
smartcloud_control_desk
change_and_configuration_management_database
maximo_asset_management
maximo_service_desk
tivoli_service_request_manager
|
Session fixation vulnerability in IBM Maximo Asset Management 7.1 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk,…
|
NVD-CWE-Other
|
CVE-2012-2184
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302435
|
- |
|
ibm
|
tivoli_asset_management_for_it
maximo_asset_management
smartcloud_control_desk
change_and_configuration_management_database
maximo_service_desk
tivoli_service_request_manager
|
Session fixation vulnerability in IBM Maximo Asset Management 6.2 through 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk,…
|
NVD-CWE-Other
|
CVE-2012-2183
|
2024-11-21 10:38 |
2012-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302436
|
- |
|
openkm
|
openkm
|
Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrat…
|
CWE-352
Origin Validation Error
|
CVE-2012-2316
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302437
|
- |
|
openkm
|
openkm
|
admin/Auth in OpenKM 5.1.7 and other versions before 5.1.8-2 does not properly enforce privileges for changing user roles, which allows remote authenticated users to assign administrator privileges t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2315
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302438
|
- |
|
open-emr
|
openemr
|
SQL injection vulnerability in interface/login/validateUser.php in OpenEMR 4.1.0 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the u parameter.
|
CWE-89
SQL Injection
|
CVE-2012-2115
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302439
|
- |
|
chatelao
|
php_address_book
|
Cross-site scripting (XSS) vulnerability in preferences.php in PHP Address Book 7.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the from parameter. NOTE: the index…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1912
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302440
|
- |
|
chatelao
|
php_address_book
|
Multiple SQL injection vulnerabilities in PHP Address Book 6.2.12 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) to_group parameter to group.php or (2) id parameter …
|
CWE-89
SQL Injection
|
CVE-2012-1911
|
2024-11-21 10:38 |
2012-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
