|
303011
|
- |
|
gajim
|
gajim
|
The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.
|
CWE-94
Code Injection
|
CVE-2012-2085
|
2024-11-21 10:38 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303012
|
- |
|
andreas_gohr
|
dokuwiki
|
Cross-site scripting (XSS) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to inject arbitrary web script or HTML via the target parameter in an edit action.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2129
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303013
|
- |
|
andreas_gohr
|
dokuwiki
|
Cross-site request forgery (CSRF) vulnerability in doku.php in DokuWiki 2012-01-25 Angua allows remote attackers to hijack the authentication of administrators for requests that add arbitrary users. …
|
CWE-352
Origin Validation Error
|
CVE-2012-2128
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303014
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the Exception Handler in TYPO3 4.4.x before 4.4.15, 4.5.x before 4.5.15, 4.6.x before 4.6.8, and 4.7 allows remote attackers to inject arbitrary web script…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2112
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303015
|
- |
|
sourcefabric
|
newscoop
|
Multiple cross-site scripting (XSS) vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4.x before 4 RC4 allow remote attackers to inject arbitrary web script or HTML via the (1) Back parameter to adm…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1935
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303016
|
- |
|
sourcefabric
|
newscoop
|
SQL injection vulnerability in admin/country/edit.php in Newscoop before 3.5.5 and 4.x before 4 RC4 allows remote attackers to execute arbitrary SQL commands via the f_country_code parameter.
|
CWE-89
SQL Injection
|
CVE-2012-1934
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303017
|
- |
|
sourcefabric
|
newscoop
|
Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in…
|
CWE-94
Code Injection
|
CVE-2012-1933
|
2024-11-21 10:38 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303018
|
- |
|
creative_commons_module_project
|
creativecommons
|
Multiple cross-site scripting (XSS) vulnerabilities in the Creative Commons module 6.x-1.x before 6.x-1.1 for Drupal allow remote authenticated users with the administer creative commons permission t…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2297
|
2024-11-21 10:38 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303019
|
- |
|
munin-monitoring
|
munin
|
munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial of service (disk or memory consumption) via many image requests with large values in the (1) size_x or (2) size_y parameters.
|
CWE-399
Resource Management Errors
|
CVE-2012-2147
|
2024-11-21 10:38 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303020
|
- |
|
ematia
|
elixir
|
Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector (IV), which makes it easier for context-dependent users to obtain sensitive information and decrypt the data…
|
CWE-310
Cryptographic Issues
|
CVE-2012-2146
|
2024-11-21 10:38 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
