257031
|
- |
|
egroupware
|
egroupware egroupware_enterprise_line
|
Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4950
|
2012-09-4 03:31 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257032
|
- |
|
spamtitan
|
spamtitan
|
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5150
|
2012-09-4 03:10 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257033
|
- |
|
packetfence
|
packetfence
|
The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2012-4742
|
2012-09-3 13:00 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257034
|
- |
|
zte
|
zxdsl
|
Cross-site request forgery (CSRF) vulnerability in accessaccount.cgi in ZTE ZXDSL 831IIV7.5.0a_Z29_OV allows remote attackers to hijack the authentication of administrators for requests that change t…
|
CWE-352
Origin Validation Error
|
CVE-2012-4746
|
2012-09-3 13:00 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257035
|
- |
|
egroupware
|
egroupware egroupware_enterprise_line
|
Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to re…
|
CWE-22
Path Traversal
|
CVE-2011-4948
|
2012-09-3 13:00 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257036
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 3.11.108364.552 allows remote attackers to cause a denial of service (memory consumption) via a crafted compressed file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-5123
|
2012-09-3 13:00 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257037
|
- |
|
digium
|
asterisk
|
The handle_request_info function in channels/chan_sip.c in Asterisk Open Source 1.6.2.x before 1.6.2.21 and 1.8.x before 1.8.7.2, when automon is enabled, allows remote attackers to cause a denial of…
|
CWE-200
Information Exposure
|
CVE-2011-4598
|
2012-09-1 12:38 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257038
|
- |
|
vbulletin
|
vbulletin
|
SQL injection vulnerability in announcement.php in vBulletin 4.1.10 allows remote attackers to execute arbitrary SQL commands via the announcementid parameter.
|
CWE-89
SQL Injection
|
CVE-2012-4686
|
2012-08-29 23:34 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257039
|
- |
|
rik_de_boer
|
revisioning
|
The hook_node_access function in the revisioning module 7.x-1.x before 7.x-1.3 for Drupal checks the permissions of the current user even when it is called to check permissions of other users, which …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1635
|
2012-08-29 13:00 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257040
|
- |
|
danielb
|
finder
|
The finder_import function in the Finder module 6.x-1.x before 6.x-1.26, 7.x-1.x, and 7.x-2.x before 7.x-2.0-alpha8 for Drupal allows remote authenticated users with the administer finder permission …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1641
|
2012-08-29 13:00 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|