|
263101
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) calendar displayname to part.choosecalendar.rowf…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4397
|
2012-09-7 01:05 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263102
|
- |
|
owncloud
|
owncloud
|
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) file names to apps/user_ldap/settings.php; (2) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4396
|
2012-09-7 00:43 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263103
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in index.php in ownCloud before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via the redirect_url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4395
|
2012-09-7 00:39 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263104
|
- |
|
owncloud
|
owncloud
|
Cross-site scripting (XSS) vulnerability in apps/files/js/filelist.js in ownCloud before 4.0.5 allows remote attackers to inject arbitrary web script or HTML via the file parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4394
|
2012-09-7 00:36 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263105
|
- |
|
x.org
|
x.org
|
The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a cl…
|
CWE-20
Improper Input Validation
|
CVE-2010-4818
|
2012-09-6 22:40 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263106
|
- |
|
wikkawiki
|
wikkawiki
|
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remov…
|
CWE-352
Origin Validation Error
|
CVE-2011-4452
|
2012-09-6 22:08 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263107
|
- |
|
wikkawiki
|
wikkawiki
|
SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter i…
|
CWE-89
SQL Injection
|
CVE-2011-4448
|
2012-09-6 21:43 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263108
|
- |
|
cyberlink
|
labelprint
|
Multiple untrusted search path vulnerabilities in CyberLink LabelPrint 2.5.3602 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the current workin…
|
NVD-CWE-Other
|
CVE-2012-4756
|
2012-09-6 19:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263109
|
- |
|
cyberlink
|
labelprint
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426 Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2012-4756
|
2012-09-6 19:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263110
|
- |
|
cyberlink
|
streamauthor
|
Multiple untrusted search path vulnerabilities in CyberLink StreamAuthor 4.0 build 3308 allow local users to gain privileges via a Trojan horse (1) mfc71loc.dll or (2) mfc71enu.dll file in the curren…
|
NVD-CWE-Other
|
CVE-2012-4757
|
2012-09-6 19:41 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
