|
302871
|
- |
|
intuit
|
quickbooks
|
Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.
|
CWE-200
Information Exposure
|
CVE-2012-2422
|
2024-11-21 10:39 |
2012-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302872
|
- |
|
intuit
|
quickbooks
|
Absolute path traversal vulnerability in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Int…
|
CWE-22
Path Traversal
|
CVE-2012-2421
|
2024-11-21 10:39 |
2012-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302873
|
- |
|
intuit
|
quickbooks
|
The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, might allow remot…
|
CWE-200
Information Exposure
|
CVE-2012-2420
|
2024-11-21 10:39 |
2012-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302874
|
- |
|
intuit
|
quickbooks
|
Memory leak in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, al…
|
CWE-399
Resource Management Errors
|
CVE-2012-2419
|
2024-11-21 10:39 |
2012-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302875
|
- |
|
intuit
|
quickbooks
|
Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2418
|
2024-11-21 10:39 |
2012-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302876
|
- |
|
maian
menalto
|
gallery
|
Gallery 2 before 2.3.2 and 3 before 3.0.3 does not properly implement encryption, which has unspecified impact and attack vectors, a different vulnerability than CVE-2012-1113.
|
CWE-310
Cryptographic Issues
|
CVE-2012-2405
|
2024-11-21 10:39 |
2012-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302877
|
- |
|
wordpress
|
wordpress
|
wp-comments-post.php in WordPress before 3.3.2 supports offsite redirects, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-2404
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302878
|
- |
|
wordpress
|
wordpress
|
wp-includes/formatting.php in WordPress before 3.3.2 attempts to enable clickable links inside attributes, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2403
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302879
|
- |
|
wordpress
|
wordpress
|
wp-admin/plugins.php in WordPress before 3.3.2 allows remote authenticated site administrators to bypass intended access restrictions and deactivate network-wide plugins via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2402
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302880
|
- |
|
moxiecode
wordpress
|
plupload
wordpress
|
Plupload before 1.5.4, as used in wp-includes/js/plupload/ in WordPress before 3.3.2 and other products, enables scripting regardless of the domain from which the SWF content was loaded, which allows…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2401
|
2024-11-21 10:39 |
2012-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
