|
257491
|
- |
|
cisco
|
unified_meetingplace
|
The web server in Cisco Unified MeetingPlace 6.1 and 8.5 produces different responses for directory queries depending on whether the directory exists, which allows remote attackers to enumerate direc…
|
CWE-200
Information Exposure
|
CVE-2011-4232
|
2012-05-30 12:40 |
2012-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257492
|
- |
|
pligg
|
pligg_cms
|
Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha para…
|
CWE-22
Path Traversal
|
CVE-2012-2435
|
2012-05-29 13:00 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257493
|
- |
|
zen-cart
|
zen_cart
|
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1413
|
2012-05-28 13:00 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257494
|
- |
|
oscommerce
|
online_merchant
|
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote …
|
CWE-79
Cross-site Scripting
|
CVE-2012-1792
|
2012-05-28 13:00 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257495
|
- |
|
measuresoft
|
scadapro_client
scadapro_server
|
Untrusted search path vulnerability in Measuresoft ScadaPro Client before 4.0.0 and ScadaPro Server before 4.0.0 allows local users to gain privileges via a Trojan horse DLL in the current working di…
|
NVD-CWE-Other
|
CVE-2012-1824
|
2012-05-28 13:00 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257496
|
- |
|
sitracker
|
support_incident_tracker
|
Cross-site scripting (XSS) vulnerability in Support Incident Tracker (SiT!) 3.65 and earlier allows remote attackers to inject arbitrary web script or HTML via the id parameter to index.php, which is…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2235
|
2012-05-28 13:00 |
2012-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257497
|
- |
|
xarrow
|
xarrow
|
The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2012-2426
|
2012-05-28 13:00 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257498
|
- |
|
xarrow
|
xarrow
|
Heap-based buffer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via packets that trigger an invalid free operation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-2427
|
2012-05-28 13:00 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257499
|
- |
|
xarrow
|
xarrow
|
Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.
|
CWE-189
Numeric Errors
|
CVE-2012-2428
|
2012-05-28 13:00 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257500
|
- |
|
xarrow
|
xarrow
|
The server in xArrow before 3.4.1 performs an invalid read operation, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-189
Numeric Errors
|
CVE-2012-2429
|
2012-05-28 13:00 |
2012-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
