261161
|
- |
|
wftpserver
|
wing_ftp_server
|
Wing FTP Server before 4.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via two zip commands.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4729
|
2013-03-2 13:46 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261162
|
- |
|
bestpractical
|
rt
|
Cross-site request forgery (CSRF) vulnerability in Request Tracker (RT) 3.8.12 and other versions before 3.8.15, and 4.0.6 and other versions before 4.0.8, allows remote attackers to hijack the authe…
|
CWE-352
Origin Validation Error
|
CVE-2012-4732
|
2013-03-2 13:46 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261163
|
- |
|
bestpractical
|
rt
|
Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote attackers to conduct a "confused deputy" attack to bypass the CSRF warning protection mechanism and cause victims to "mod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4734
|
2013-03-2 13:46 |
2012-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261164
|
- |
|
ibm
|
db2
|
Stack-based buffer overflow in the SQL/PSM (aka SQL Persistent Stored Module) Stored Procedure (SP) infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4826
|
2013-03-2 13:46 |
2012-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261165
|
- |
|
adobe
|
shockwave_player
|
Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2012-4172, CVE-2012-4173, CVE-2012-4…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5273
|
2013-03-2 13:46 |
2012-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261166
|
- |
|
mark_burdett
|
securelogin
|
Open redirect vulnerability in the securelogin_secure_redirect function in the Secure Login module 7.x-1.x before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites a…
|
CWE-20
Improper Input Validation
|
CVE-2012-4489
|
2013-03-2 13:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261167
|
- |
|
ricky_morse
|
excluded_users
|
Multiple cross-site scripting (XSS) vulnerabilities in the Excluded Users module 6.x-1.x before 6.x-1.1 for Drupal allow remote attackers to inject arbitrary web script or HTML via a (1) user name or…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4490
|
2013-03-2 13:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261168
|
- |
|
earl_dunovant
|
monthly_archive_by_node_type
|
The Monthly Archive by Node Type module 6.x for Drupal does not properly check permissions defined by node_access modules, which allows remote attackers to access restricted nodes via unspecified vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4491
|
2013-03-2 13:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261169
|
- |
|
isaac_sukin
|
shorten
|
Multiple cross-site scripting (XSS) vulnerabilities in the Shorten URLs module 6.x-1.x before 6.x-1.13 and 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4492
|
2013-03-2 13:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261170
|
- |
|
mime_mail_module_project
|
mimemail
|
The Mime Mail module 6.x-1.x before 6.x-1.1 for Drupal does not properly restrict access to files outside Drupal's publish files directory, which allows remote authenticated users to send arbitrary f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-4495
|
2013-03-2 13:45 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|