256991
|
- |
|
google
|
chrome
|
Google Chrome before 18.0.1025308 on Android allows remote attackers to bypass the Same Origin Policy and obtain access to local files via vectors involving a symlink.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4908
|
2012-09-14 22:30 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256992
|
- |
|
google
|
chrome
|
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4907
|
2012-09-14 22:25 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256993
|
- |
|
google
|
chrome
|
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4906
|
2012-09-14 22:23 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256994
|
- |
|
google
|
chrome
|
Cross-site scripting (XSS) vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script or HTML via an extra in an Intent object, aka "Universa…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4905
|
2012-09-14 22:22 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256995
|
- |
|
google
|
chrome
|
Cross-application scripting vulnerability in Google Chrome before 18.0.1025308 on Android allows remote attackers to inject arbitrary web script via unspecified vectors, as demonstrated by "Universal…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4904
|
2012-09-14 22:20 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256996
|
- |
|
google
|
chrome
|
Google Chrome before 18.0.1025308 on Android does not properly restrict access to file: URLs, which allows remote attackers to obtain sensitive information via unspecified vectors, as demonstrated by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4903
|
2012-09-14 13:00 |
2012-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256997
|
- |
|
joomla
|
joomla\!
|
Unspecified vulnerability in Joomla! 1.6.x and 1.7.x before 1.7.4 allows remote attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2012-0819.
|
NVD-CWE-noinfo
|
CVE-2012-0821
|
2012-09-13 13:00 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256998
|
- |
|
joomla
|
joomla\!
|
Unspecified vulnerability in Joomla! 1.7.x before 1.7.5 allows attackers to read the error log via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2012-0836
|
2012-09-13 13:00 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256999
|
- |
|
pkp
|
open_journal_systems
|
Multiple directory traversal vulnerabilities in the iBrowser plugin library, as used in Open Journal Systems before 2.3.7, allow remote authenticated users to (1) delete or (2) rename arbitrary files…
|
CWE-22
Path Traversal
|
CVE-2012-1467
|
2012-09-13 13:00 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
257000
|
- |
|
phplist
|
phplist
|
SQL injection vulnerability in public_html/lists/admin in phpList before 2.10.18 allows remote attackers to execute arbitrary SQL commands via the sortby parameter in a find action.
|
CWE-89
SQL Injection
|
CVE-2012-2740
|
2012-09-13 13:00 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|