|
260911
|
- |
|
nuance
|
pdf_reader
pdf_reader_plus
|
Nuance PDF Reader 7.0 and PDF Viewer Plus 7.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2013-0113
|
2013-02-26 14:00 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260912
|
- |
|
jforum
|
jforum
|
Multiple cross-site scripting (XSS) vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the (1) action, (2) match_type, (3) sort_by, or (4…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5337
|
2013-02-26 14:00 |
2013-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260913
|
- |
|
redhat
|
openshift
openshift_origin
|
Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks…
|
CWE-20
Improper Input Validation
|
CVE-2012-5647
|
2013-02-26 14:00 |
2013-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260914
|
- |
|
redhat
|
openshift
openshift_origin
|
rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain …
|
CWE-310
Cryptographic Issues
|
CVE-2012-5658
|
2013-02-26 14:00 |
2013-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260915
|
- |
|
bigantsoft
|
bigant_im_message_server
|
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2012-6274
|
2013-02-26 14:00 |
2013-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260916
|
- |
|
rob_loach
|
sharethis
|
Multiple cross-site scripting (XSS) vulnerabilities in the ShareThis module 7.x-2.x before 7.x-2.5 for Drupal allow remote authenticated users with the "administer sharethis" permission to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5545
|
2013-02-26 13:52 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260917
|
- |
|
thinkshout
|
mailchimp
|
Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5551
|
2013-02-26 13:52 |
2012-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260918
|
- |
|
mixpanel_project
|
mixpanel
|
Cross-site scripting (XSS) vulnerability in the Mixpanel module 6.x-1.x before 6.x-1.1 in Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2012-5585
|
2013-02-26 13:52 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260919
|
- |
|
marc_ingram
|
services
|
The Services module 6.x-3.x before 6.x-3.3 and 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "access user profiles" permission to access arbitrary users' emails via vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-5586
|
2013-02-26 13:52 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260920
|
- |
|
scripthead
|
webmail_plus
|
SQL injection vulnerability in the Webmail Plus module for Drupal allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2012-5590
|
2013-02-26 13:52 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
