|
263321
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-4162
|
2012-08-15 19:31 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263322
|
- |
|
lullabot
|
fivestar_module_for_drupal
|
The Fivestar module 6.x-1.x before 6.x-1.20 for Drupal does not properly validate voting data, which allows remote attackers to manipulate voting averages via a negative value in the vote parameter.
|
CWE-20
Improper Input Validation
|
CVE-2012-2096
|
2012-08-15 13:00 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263323
|
- |
|
ubercart
|
ubercart
|
The Ubercart module 6.x-2.x before 6.x-2.8 and 7.x-3.x before 7.x-3.1 for Drupal stores passwords for new customers in plaintext during checkout, which allows local users to obtain sensitive informat…
|
CWE-255
Credentials Management
|
CVE-2012-2299
|
2012-08-15 13:00 |
2012-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263324
|
- |
|
rwcinc
|
free_realty
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) …
|
CWE-352
Origin Validation Error
|
CVE-2012-4280
|
2012-08-15 07:05 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263325
|
- |
|
itechscripts
|
proman_xpress
|
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of thes…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4266
|
2012-08-15 03:26 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263326
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.6.7 allows remote attackers to obtain sensitive information via a malformed forumread cookie, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2012-2327
|
2012-08-14 22:49 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263327
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to inject arbitrary web script or HTML via a malforme…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2326
|
2012-08-14 22:48 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263328
|
- |
|
mybb
|
mybb
|
SQL injection vulnerability in the User Inline Moderation feature in the Admin Control Panel (ACP) in MyBB (aka MyBulletinBoard) before 1.6.7 allows remote administrators to execute arbitrary SQL com…
|
CWE-89
SQL Injection
|
CVE-2012-2325
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263329
|
- |
|
s9y
|
serendipity
|
Cross-site scripting (XSS) vulnerability in serendipity/serendipity_admin_image_selector.php in Serendipity before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the serendi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2331
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263330
|
- |
|
s9y
|
serendipity
|
SQL injection vulnerability in serendipity/serendipity_admin.php in Serendipity before 1.6.1 allows remote attackers to execute arbitrary SQL commands via the serendipity[plugin_to_conf] parameter. …
|
CWE-89
SQL Injection
|
CVE-2012-2332
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
