|
304031
|
- |
|
11in1
|
11in1
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in 11in1 1.2.1 stable 12-31-2011 allows remote attackers to hijack the authentication of administrators for requests that add new to…
|
CWE-352
Origin Validation Error
|
CVE-2012-0997
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304032
|
- |
|
11in1
|
11in1
|
Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/in…
|
CWE-22
Path Traversal
|
CVE-2012-0996
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304033
|
- |
|
contimex
|
impulsio_cms
|
SQL injection vulnerability in CONTIMEX Impulsio CMS allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2012-1294
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304034
|
- |
|
sap
|
netweaver
|
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the MessagingSystem Performance Data via unspecified vector…
|
NVD-CWE-noinfo
|
CVE-2012-1292
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304035
|
- |
|
sap
|
netweaver
|
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote attackers to obtain sensitive information about the Adapter Monitor via unspecifie…
|
NVD-CWE-noinfo
|
CVE-2012-1291
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304036
|
- |
|
sap
|
netweaver
|
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote attackers to inject arbitrary web script or HTML via th…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1290
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304037
|
- |
|
sap
|
netweaver
|
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or …
|
CWE-22
Path Traversal
|
CVE-2012-1289
|
2024-11-21 10:36 |
2012-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304038
|
- |
|
utc
|
utc_fire_\&_security_ge-mc100-ntp\/gps-zb_master_clock_device
|
The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP sessi…
|
CWE-255
Credentials Management
|
CVE-2012-1288
|
2024-11-21 10:36 |
2012-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304039
|
- |
|
easyvista
|
easyvista
|
The single sign-on (SSO) implementation in EasyVista before 2010.1.1.89 allows remote attackers to bypass authentication via a modified url_account parameter, in conjunction with a valid login name i…
|
CWE-287
Improper Authentication
|
CVE-2012-1256
|
2024-11-21 10:36 |
2012-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304040
|
- |
|
advantech
|
advantech_webaccess
|
Cross-site request forgery (CSRF) vulnerability in Advantech/BroadWin WebAccess 7.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. NOTE: t…
|
CWE-352
Origin Validation Error
|
CVE-2012-1235
|
2024-11-21 10:36 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
