257001
|
- |
|
albelli
|
fotobook_editor_5.0
|
Untrusted search path vulnerability in Fotobook Editor 5.0 2.8.0.1 allows local users to gain privileges via a Trojan horse Fwpuclnt.dll file in the current working directory, as demonstrated by a di…
|
NVD-CWE-Other
|
CVE-2010-5214
|
2012-09-7 02:35 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257002
|
- |
|
albelli
|
fotobook_editor_5.0
|
Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426 Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2010-5214
|
2012-09-7 02:35 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257003
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ownCloud before 4.0.5 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-4753
|
2012-09-7 01:11 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257004
|
- |
|
owncloud
|
owncloud
|
appconfig.php in ownCloud before 4.0.6 does not properly restrict access, which allows remote authenticated users to edit app configurations via unspecified vectors. NOTE: this can be leveraged by u…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4752
|
2012-09-7 01:09 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257005
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4397
|
2012-09-7 01:05 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257006
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file names to apps/user_ldap/settings.php; (2) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4396
|
2012-09-7 00:43 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257007
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4395
|
2012-09-7 00:39 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257008
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4394
|
2012-09-7 00:36 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257009
|
- |
|
x.org
|
x.org
|
The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a cl…
|
CWE-20
Improper Input Validation
|
CVE-2010-4818
|
2012-09-6 22:40 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257010
|
- |
|
wikkawiki
|
wikkawiki
|
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remov…
|
CWE-352
Origin Validation Error
|
CVE-2011-4452
|
2012-09-6 22:08 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|