|
260591
|
- |
|
cisco
|
ios
|
The NAT implementation in Cisco IOS 12.2, 12.4, and 15.0 through 15.2 allows remote attackers to cause a denial of service (device reload) via transit IP packets, aka Bug ID CSCtr46123.
|
CWE-399
Resource Management Errors
|
CVE-2012-4619
|
2013-04-11 12:31 |
2012-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260592
|
- |
|
optimalog
|
optima_plc
|
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted packet.
|
CWE-399
Resource Management Errors
|
CVE-2012-5048
|
2013-04-11 12:31 |
2012-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260593
|
- |
|
optimalog
|
optima_plc
|
APIFTP Server in Optimalog Optima PLC 1.5.2 and earlier allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
|
CWE-20
Improper Input Validation
|
CVE-2012-5049
|
2013-04-11 12:31 |
2012-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260594
|
- |
|
bigace
|
bigace
|
Session fixation vulnerability in BIGACE before 2.7.8 allows remote attackers to hijack web sessions via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2012-5173
|
2013-04-11 12:31 |
2012-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260595
|
- |
|
bigace
|
bigace
|
Per: http://cwe.mitre.org/data/definitions/384.html 'CWE-384: Session Fixation'
|
NVD-CWE-Other
|
CVE-2012-5173
|
2013-04-11 12:31 |
2012-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260596
|
- |
|
atutor
|
acontent
|
SQL injection vulnerability in user/index_inline_editor_submit.php in ATutor AContent 1.2-1 allows remote authenticated users to execute arbitrary SQL commands via the field parameter. NOTE: this vu…
|
CWE-89
SQL Injection
|
CVE-2012-5453
|
2013-04-11 12:31 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260597
|
- |
|
atutor
|
acontent
|
user/index_inline_editor_submit.php in ATutor AContent 1.2-1 does not properly restrict access, which allows remote authenticated users to modify arbitrary user passwords via a crafted request. NOTE…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5454
|
2013-04-11 12:31 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260598
|
- |
|
glpi-project
|
glpi
|
Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2012-4002
|
2013-04-11 12:30 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260599
|
- |
|
glpi-project
|
glpi
|
Multiple cross-site scripting (XSS) vulnerabilities in GLPI-PROJECT GLPI before 0.83.3 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4003
|
2013-04-11 12:30 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260600
|
- |
|
djangoproject
|
django
|
The (1) django.http.HttpResponseRedirect and (2) django.http.HttpResponsePermanentRedirect classes in Django before 1.3.2 and 1.4.x before 1.4.1 do not validate the scheme of a redirect target, which…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3442
|
2013-04-11 12:29 |
2012-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
