|
260811
|
- |
|
scripthead
|
webmail_plus
|
SQL injection vulnerability in the Webmail Plus module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-5590
|
2013-02-26 13:52 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260812
|
- |
|
gecad
|
axigen_free_mail_server
|
Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName…
|
CWE-22
Path Traversal
|
CVE-2012-4940
|
2013-02-26 13:51 |
2012-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260813
|
- |
|
forescout
|
counteract
|
Open redirect vulnerability in assets/login on the Forescout CounterACT NAC device before 7.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL i…
|
CWE-20
Improper Input Validation
|
CVE-2012-4982
|
2013-02-26 13:51 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260814
|
- |
|
forescout
|
counteract
|
Multiple cross-site scripting (XSS) vulnerabilities on the Forescout CounterACT NAC device before 7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the a parameter to assets/l…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4983
|
2013-02-26 13:51 |
2012-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260815
|
- |
|
rubinius
|
rubinius
|
Rubinius computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) …
|
CWE-310
Cryptographic Issues
|
CVE-2012-5372
|
2013-02-26 13:51 |
2012-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260816
|
- |
|
cisco
|
prime_data_center_network_manager
|
Cisco Prime Data Center Network Manager (DCNM) before 6.1(1) does not properly restrict access to certain JBoss MainDeployer functionality, which allows remote attackers to execute arbitrary commands…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5417
|
2013-02-26 13:51 |
2012-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260817
|
- |
|
sgi
|
performance_co-pilot
|
The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow local users to overwrite arbitrary files via a symlink attack on a /var/tmp/##### temporary file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5530
|
2013-02-26 13:51 |
2012-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260818
|
- |
|
emc
|
rsa_data_protection_manager_software_server
rsa_data_protection_manager_appliance
|
Cross-site scripting (XSS) vulnerability in EMC RSA Data Protection Manager Appliance and Software Server 2.7.x and 3.x before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4612
|
2013-02-26 13:50 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260819
|
- |
|
emc
|
rsa_data_protection_manager_appliance
|
EMC RSA Data Protection Manager Appliance 2.7.x and 3.x before 3.2.1 does not properly restrict the number of authentication attempts by a user account, which makes it easier for local users to bypas…
|
CWE-287
Improper Authentication
|
CVE-2012-4613
|
2013-02-26 13:50 |
2012-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260820
|
- |
|
bigantsoft
|
bigant_im_message_server
|
SQL injection vulnerability in BigAntSoft BigAnt IM Message Server allows remote attackers to execute arbitrary SQL commands via an SHU (aka search user) request.
|
CWE-89
SQL Injection
|
CVE-2012-6273
|
2013-02-26 03:20 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
