257131
|
- |
|
itechscripts
|
proman_xpress
|
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of thes…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4266
|
2012-08-15 03:26 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257132
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2012-2327
|
2012-08-14 22:49 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257133
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malforme…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2326
|
2012-08-14 22:48 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257134
|
- |
|
mybb
|
mybb
|
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2012-2325
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257135
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in serendipity/serendipity_admin_image_selector.php in Serendipity before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the serendi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2331
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257136
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. …
|
CWE-89
SQL Injection
|
CVE-2012-2332
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257137
|
- |
|
bytemark
|
symbiosis
|
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password.
|
CWE-20
Improper Input Validation
|
CVE-2012-2368
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257138
|
- |
|
mnt-tech
|
wp-facethumb
|
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb param…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2371
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257139
|
- |
|
redaxo
|
redaxo
|
Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote attackers to inject arbitrary web script or HTML via the subpage parameter to …
|
CWE-79
Cross-site Scripting
|
CVE-2012-3869
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257140
|
- |
|
mysqldumper
|
mysqldumper
|
MySQLDumper 1.24.4 allows remote attackers to obtain sensitive information via a direct request to learn/cubemail/refresh_dblist.php, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2012-4255
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|