260841
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in group/members.php in Mahara 1.5.x before 1.5.7 and 1.6.x before 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the query paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2253
|
2013-04-19 12:21 |
2012-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260842
|
- |
|
emc
|
networker_module_for_microsoft_applications
|
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local use…
|
CWE-255
Credentials Management
|
CVE-2012-2284
|
2013-04-19 12:21 |
2012-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260843
|
- |
|
emc
|
networker_module_for_microsoft_applications
|
The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted messag…
|
CWE-94
Code Injection
|
CVE-2012-2290
|
2013-04-19 12:21 |
2012-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260844
|
- |
|
w1.fi
|
hostapd
|
hostapd 0.7.3, and possibly other versions before 1.0, uses 0644 permissions for /etc/hostapd/hostapd.conf, which might allow local users to obtain sensitive information such as credentials.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2389
|
2013-04-19 12:21 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260845
|
- |
|
matthias_klose
|
fastjar
|
Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a full pathname for a file within a .…
|
CWE-22
Path Traversal
|
CVE-2010-2322
|
2013-04-19 12:03 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260846
|
- |
|
matthias_klose
|
fastjar
|
Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname …
|
CWE-22
Path Traversal
|
CVE-2010-0831
|
2013-04-19 11:59 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260847
|
- |
|
bibtex
|
bibtex
|
Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a long .bib bibliography file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1284
|
2013-04-19 11:49 |
2009-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260848
|
- |
|
matthias_klose
|
bash-doc
|
bash-doc 3.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/cb#####.? temporary file, related to the (1) aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts.
|
CWE-59
Link Following
|
CVE-2008-5374
|
2013-04-19 11:42 |
2008-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260849
|
- |
|
chatelao
|
php_address_book
|
Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) edit.php or (2) import.php. NOTE: the view…
|
CWE-89
SQL Injection
|
CVE-2013-1748
|
2013-04-19 01:19 |
2013-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260850
|
- |
|
chatelao
|
php_address_book
|
Cross-site scripting (XSS) vulnerability in edit.php in PHP Address Book 8.2.5 allows user-assisted remote attackers to inject arbitrary web script or HTML via the Address field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-1749
|
2013-04-18 20:33 |
2013-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|