259761
|
- |
|
joomla
|
joomla\!
|
Joomla! 2.5.3 allows remote attackers to obtain the installation path via the Host HTTP Header.
|
CWE-200
Information Exposure
|
CVE-2012-3829
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259762
|
- |
|
milesj
|
decoda
|
Cross-site scripting (XSS) vulnerability in decoda/Decoda.php in Decoda before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors related to (1) b or (2) div tags.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3832
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259763
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3837
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259764
|
- |
|
babygekko
|
baby_gekko
|
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
|
CWE-200
Information Exposure
|
CVE-2012-3838
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259765
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3836
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259766
|
- |
|
jbmc-software
|
directadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3842
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259767
|
- |
|
avaya
|
aura_application_server_5300
|
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5096
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259768
|
- |
|
glpi-project
|
glpi
|
PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.
|
CWE-94
Code Injection
|
CVE-2012-1037
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259769
|
- |
|
nih
|
libzip
|
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive…
|
CWE-189
Numeric Errors
|
CVE-2012-1163
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
259770
|
- |
|
adrian_chadd
|
rtg rtg2
|
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
|
CWE-89
SQL Injection
|
CVE-2012-3881
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|