|
263341
|
- |
|
rwcinc
|
free_realty
|
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4278
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263342
|
- |
|
rwcinc
|
free_realty
|
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/ad…
|
CWE-89
SQL Injection
|
CVE-2012-4279
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263343
|
- |
|
netweblogic
|
login_with_ajax
|
Cross-site scripting (XSS) vulnerability in the Login With Ajax plugin before 3.0.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the callback parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2012-4283
|
2012-08-14 13:00 |
2012-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263344
|
- |
|
invensys
|
dasabcip
daserver_runtime_components
dassidirect
intouch\/wonderware_application_server
wonderware_application_server
|
Stack-based buffer overflow in slssvc.exe before 58.x in Invensys Wonderware SuiteLink in the Invensys System Platform software suite, as used in InTouch/Wonderware Application Server IT before 10.5 …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3007
|
2012-08-14 12:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263345
|
- |
|
opera
|
opera_browser
|
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-3561
|
2012-08-14 12:38 |
2012-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263346
|
- |
|
milesj
|
decoda
|
Cross-site scripting (XSS) vulnerability in decoda/templates/video.php in Decoda before 3.3.1 allows remote attackers to inject arbitrary web script or HTML via multiple URLs in an img tag.
|
CWE-79
Cross-site Scripting
|
CVE-2012-3831
|
2012-08-14 12:38 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263347
|
- |
|
invensys
|
intouch
wonderware_application_server
|
slssvc.exe in Invensys Wonderware SuiteLink in Invensys InTouch 2012 and Wonderware Application Server 2012 allows remote attackers to cause a denial of service (resource consumption) via a long Unic…
|
CWE-399
Resource Management Errors
|
CVE-2012-3847
|
2012-08-14 12:38 |
2012-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263348
|
- |
|
sympa
|
sympa
|
The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-2352
|
2012-08-14 12:37 |
2012-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263349
|
- |
|
linux
|
systemd
|
The rm_rf_children function in util.c in the systemd-logind login manager in systemd before 44, when logging out, allows local users to delete arbitrary files via a symlink attack on unspecified file…
|
CWE-362
Race Condition
|
CVE-2012-1174
|
2012-08-14 12:35 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263350
|
- |
|
cat
clamav
|
quick_heal
clamav
|
The TAR file parser in ClamAV 0.96.4 and Quick Heal (aka Cat QuickHeal) 11.00 allows remote attackers to bypass malware detection via a POSIX TAR file with an initial [aliases] character sequence. NO…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2012-1419
|
2012-08-14 12:35 |
2012-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
