261231
|
- |
|
fultek
|
wintr_scada
|
Directory traversal vulnerability in the web server in Fultek WinTr Scada 4.0.5 and earlier allows remote attackers to read arbitrary files via a crafted request.
|
CWE-22
Path Traversal
|
CVE-2012-3011
|
2013-03-2 13:43 |
2012-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261232
|
- |
|
oscommerce paypal
|
online_merchant website_payments_standard_module
|
The PayPal (aka MODULE_PAYMENT_PAYPAL_STANDARD) module before 1.1 in osCommerce Online Merchant before 2.3.4 allows remote attackers to set the payment recipient via a modified value of the merchant'…
|
NVD-CWE-Other
|
CVE-2012-2991
|
2013-03-2 13:42 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261233
|
- |
|
cososys
|
endpoint_protector_appliace_4
|
The CoSoSys Endpoint Protector 4 appliance establishes an EPProot password based entirely on the appliance serial number, which makes it easier for remote attackers to obtain access via a brute-force…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2994
|
2013-03-2 13:42 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261234
|
- |
|
mutiny
|
standard
|
Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the network-interface menu, related to a "command injection vulnerability."
|
CWE-78
OS Command
|
CVE-2012-3001
|
2013-03-2 13:42 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261235
|
- |
|
mutiny
|
standard
|
Per: http://www.kb.cert.org/vuls/id/841851
"Impact
An authenticated attacker can run arbitrary commands on the appliance."
|
CWE-78
OS Command
|
CVE-2012-3001
|
2013-03-2 13:42 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261236
|
- |
|
mutiny
|
standard
|
Per: http://www.mutiny.com/products.php
"Mutiny is a virtual appliance that uses industry standard SNMP to gather information from IT Infrastructure, process and display the results in a multi-use…
|
CWE-78
OS Command
|
CVE-2012-3001
|
2013-03-2 13:42 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261237
|
- |
|
foscam wansview
|
h.264_hi3510\/11\/12_ip_camera
|
The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to …
|
CWE-287
Improper Authentication
|
CVE-2012-3002
|
2013-03-2 13:42 |
2012-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261238
|
- |
|
quagga
|
quagga
|
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service (assertion failure and daemon exit) by leveraging a BGP peering relationsh…
|
NVD-CWE-Other
|
CVE-2012-1820
|
2013-03-2 13:40 |
2012-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261239
|
- |
|
springsource
|
grails
|
VMware SpringSource Grails before 1.3.8, and 2.x before 2.0.2, does not properly restrict data binding, which might allow remote attackers to bypass intended access restrictions and modify arbitrary …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1833
|
2013-03-2 13:40 |
2012-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261240
|
- |
|
umich
|
libgssglue libgssapi
|
libgssapi and libgssglue before 0.4 do not properly check privileges, which allows local users to load untrusted configuration files and execute arbitrary code via the GSSAPI_MECH_CONF environment va…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-2709
|
2013-03-2 13:33 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|