259621
|
- |
|
rsgallery2
|
com_rsgallery2
|
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attacker…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4071
|
2012-08-10 19:34 |
2012-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259622
|
- |
|
rsgallery2
|
com_rsgallery2
|
The RSGallery2 (com_rsgallery2) component before 3.2.0 for Joomla! 2.5.x does not place index.html files in image directories, which allows remote attackers to list image filenames via a request for …
|
CWE-200
Information Exposure
|
CVE-2012-4235
|
2012-08-10 19:34 |
2012-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259623
|
- |
|
opscode
|
chef
|
chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5098
|
2012-08-10 13:00 |
2012-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259624
|
- |
|
fenrir-inc
|
sleipnir_mobile
|
Cross-site scripting (XSS) vulnerability in the Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4004
|
2012-08-9 22:47 |
2012-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259625
|
- |
|
tryton
|
trytond
|
model/modelstorage.py in the Tryton application framework (trytond) before 2.4.0 for Python does not properly restrict access to the Many2Many field in the relation model, which allows remote authent…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-0215
|
2012-08-9 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259626
|
- |
|
florian_weber
|
spaces
|
The Spaces module 6.x-3.x before 6.x-3.4 for Drupal does not enforce permissions on non-object pages, which allows remote attackers to obtain sensitive information and possibly have other impacts via…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2303
|
2012-08-9 13:00 |
2012-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259627
|
- |
|
justin_ellison
|
node_gallery
|
Cross-site request forgery (CSRF) vulnerability in the Node Gallery module for Drupal 6.x-3.1 and earlier allows remote attackers to hijack the authentication of certain users for requests that creat…
|
CWE-352
Origin Validation Error
|
CVE-2012-2305
|
2012-08-9 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259628
|
- |
|
wordpress
|
wordpress
|
Cross-site request forgery (CSRF) vulnerability in the customizer in WordPress before 3.4.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-3384
|
2012-08-9 13:00 |
2012-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259629
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderate severity issue."
|
NVD-CWE-noinfo
|
CVE-2012-3559
|
2012-08-9 13:00 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259630
|
- |
|
csilvers
|
gperftools
|
Multiple integer overflows in TCMalloc (tcmalloc.cc) in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large siz…
|
CWE-189
Numeric Errors
|
CVE-2005-4895
|
2012-08-9 13:00 |
2012-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|