261611
|
- |
|
infoblox
|
netmri
|
Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox NetMRI 6.0.2.42, 6.1.2, 6.2.1 and earlier allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5178
|
2012-12-17 14:00 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261612
|
- |
|
bioinformatics
|
ordersys
|
Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execute arbitrary SQL commands via the where_clause parameter to (1) index.php, (2) index_long.php, or (…
|
CWE-89
SQL Injection
|
CVE-2011-5183
|
2012-12-17 14:00 |
2012-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261613
|
- |
|
axway
|
securetransport
|
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a…
|
CWE-22
Path Traversal
|
CVE-2012-4991
|
2012-12-13 20:53 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261614
|
- |
|
adobe
|
camera_raw
|
Buffer underflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-5679
|
2012-12-13 20:53 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261615
|
- |
|
xen
|
xen
|
Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the I…
|
CWE-399
Resource Management Errors
|
CVE-2011-3131
|
2012-12-13 20:53 |
2012-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261616
|
- |
|
e107
|
e107
|
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
|
NVD-CWE-Other
|
CVE-2010-2098
|
2012-12-13 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261617
|
- |
|
e107
|
e107
|
Per: http://cwe.mitre.org/data/definitions/184.html
'CWE-184: Incomplete Blacklist'
|
NVD-CWE-Other
|
CVE-2010-2098
|
2012-12-13 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261618
|
- |
|
kerio
|
personal_firewall serverfirewall
|
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Env…
|
NVD-CWE-Other
|
CVE-2005-3286
|
2012-12-13 11:43 |
2005-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261619
|
- |
|
layton_technology
|
helpbox
|
Multiple SQL injection vulnerabilities in Layton Helpbox 4.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) reqclass parameter to editrequestenduser.asp; the (2) sys_request_i…
|
CWE-89
SQL Injection
|
CVE-2012-4971
|
2012-12-12 20:38 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
261620
|
- |
|
layton_technology
|
helpbox
|
selectawasset.asp in Layton Helpbox 4.4.0 allows remote attackers to discover ODBC database credentials via an element=sys_asset_id request, which is not properly handled during construction of an er…
|
CWE-200
Information Exposure
|
CVE-2012-4976
|
2012-12-12 20:38 |
2012-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|