256831
|
- |
|
joomla
|
joomla\!
|
Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-4911
|
2012-10-8 13:00 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256832
|
- |
|
impresspages
|
impresspages_cms
|
Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary…
|
CWE-94
Code Injection
|
CVE-2011-4932
|
2012-10-8 13:00 |
2012-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256833
|
- |
|
memcache_project
|
memcache
|
Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2010-5275
|
2012-10-8 13:00 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256834
|
- |
|
wolfcms
|
wolf_cms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Wolf CMS 0.75 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) delete users via th…
|
CWE-352
Origin Validation Error
|
CVE-2012-1897
|
2012-10-5 13:00 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256835
|
- |
|
akiva
|
webboard
|
Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive information by reading from the database.
|
CWE-255
Credentials Management
|
CVE-2011-5204
|
2012-10-5 13:00 |
2012-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256836
|
- |
|
ubiquity_slideshow_team
|
ubiquity-slideshow-ubuntu
|
ubiquity-slideshow-ubuntu before 58.2, during installation, allows remote man-in-the-middle attackers to execute arbitrary web script or HTML and read arbitrary files via a crafted attribute in the <…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0956
|
2012-10-4 13:00 |
2012-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256837
|
- |
|
eucalyptus
|
eucalyptus
|
Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain di…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4065
|
2012-10-3 05:18 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256838
|
- |
|
eucalyptus
|
eucalyptus
|
Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Con…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4064
|
2012-10-3 05:11 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256839
|
- |
|
nextbbs
|
nextbbs
|
Multiple SQL injection vulnerabilities in ajaxserver.php in NextBBS 0.6 allow remote attackers to execute arbitrary SQL commands via the (1) curstr parameter in the findUsers function, (2) id paramet…
|
CWE-89
SQL Injection
|
CVE-2012-1603
|
2012-10-3 05:05 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256840
|
- |
|
ivano_binetti
|
wolf_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in wolfcms/admin/user/add in Wolf CMS 0.75 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user[name], (2) us…
|
CWE-79
Cross-site Scripting
|
CVE-2012-1898
|
2012-10-3 02:27 |
2012-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|