261521
|
- |
|
moinmo
|
moinmoin
|
Cross-site scripting (XSS) vulnerability in the rsslink function in theme/__init__.py in MoinMoin 1.9.5 allows remote attackers to inject arbitrary web script or HTML via the page name in a rss link.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6082
|
2013-01-7 14:00 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261522
|
- |
|
lemonldap-ng
|
lemonldap\
|
LemonLDAP::NG before 1.2.3 does not use the signature-verification capability of the Lasso library, which allows remote attackers to bypass intended access-control restrictions via crafted SAML data.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6426
|
2013-01-7 14:00 |
2013-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261523
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.0.x before 2.0.20 does not process URL encoded data consistently within the Routing and Security components, which allows remote attackers to bypass intended URI restrictions via a doubly e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-6431
|
2013-01-7 14:00 |
2012-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261524
|
- |
|
e107
|
e107
|
Cross-site request forgery (CSRF) vulnerability in e107_admin/newspost.php in e107 1.0.1 allows remote attackers to hijack the authentication of administrators for requests that conduct XSS attacks v…
|
CWE-352
Origin Validation Error
|
CVE-2012-6433
|
2013-01-7 14:00 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261525
|
- |
|
e107
|
e107
|
Multiple cross-site request forgery (CSRF) vulnerabilities in e107_admin/download.php in e107 1.0.2 allow remote attackers to hijack the authentication of administrators for requests that conduct SQL…
|
CWE-352
Origin Validation Error
|
CVE-2012-6434
|
2013-01-7 14:00 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261526
|
- |
|
moinmo
|
moinmoin
|
Multiple directory traversal vulnerabilities in the (1) twikidraw (action/twikidraw.py) and (2) anywikidraw (action/anywikidraw.py) actions in MoinMoin before 1.9.6 allow remote authenticated users w…
|
CWE-22
Path Traversal
|
CVE-2012-6495
|
2013-01-7 14:00 |
2013-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261527
|
- |
|
swi-prolog
|
swi-prolog
|
Multiple stack-based buffer overflows in the expand function in os/pl-glob.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6090
|
2013-01-5 00:09 |
2013-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261528
|
- |
|
swi-prolog
|
swi-prolog
|
Multiple stack-based buffer overflows in the canoniseFileName function in os/pl-os.c in SWI-Prolog before 6.2.5 and 6.3.x before 6.3.7 allow remote attackers to cause a denial of service (application…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-6089
|
2013-01-4 20:52 |
2013-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261529
|
- |
|
blackboard
|
transact_suite
|
The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database username and (2) database password in cleartext in (a) script and (b) batc…
|
CWE-200
Information Exposure
|
CVE-2010-3245
|
2013-01-4 14:00 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261530
|
- |
|
squiz
|
mysource_matrix
|
Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow remote attackers to inject arbitrary web script or HTML via the (1) height or (2) width parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4901
|
2013-01-4 14:00 |
2011-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|