|
263371
|
- |
|
phplist
|
phplist
|
Multiple cross-site scripting (XSS) vulnerabilities in lists/admin/index.php in phpList before 2.10.19 allow remote attackers to inject arbitrary web script or HTML via the (1) remote_user, (2) remot…
|
CWE-79
Cross-site Scripting
|
CVE-2012-4247
|
2012-08-13 23:23 |
2012-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263372
|
- |
|
winwebmail
|
winwebmail_server
|
Multiple cross-site scripting (XSS) vulnerabilities in WinWebMail Server 3.8.1.6 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2571
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263373
|
- |
|
tdah
|
t-day_webmail
|
Multiple cross-site scripting (XSS) vulnerabilities in T-dah WebMail 3.2.0-2.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a SCRIPT element, (2) …
|
CWE-79
Cross-site Scripting
|
CVE-2012-2573
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263374
|
- |
|
e-supportportal
|
escon_supportportal
|
Multiple cross-site scripting (XSS) vulnerabilities in ESCON SupportPortal Professional Edition 3.0 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with (1) a…
|
CWE-79
Cross-site Scripting
|
CVE-2012-2590
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263375
|
- |
|
solarwinds
|
orion_network_performance_monitor
|
Multiple cross-site request forgery (CSRF) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) before 10.3.1 allow remote attackers to hijack the authentication of administrators fo…
|
CWE-352
Origin Validation Error
|
CVE-2012-2602
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263376
|
- |
|
fenrir-inc
|
sleipnir_mobile
|
The Sleipnir Mobile application 2.2.0 and earlier and Sleipnir Mobile Black Edition application 2.2.0 and earlier for Android allow remote attackers to execute arbitrary Java methods, and obtain sens…
|
CWE-94
Code Injection
|
CVE-2012-2649
|
2012-08-13 13:00 |
2012-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263377
|
- |
|
breakingpointsystems
|
breakingpoint_storm_appliance_ctm
breakingpoint_storm_appliance
|
The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to …
|
CWE-287
Improper Authentication
|
CVE-2012-2963
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263378
|
- |
|
breakingpointsystems
|
breakingpoint_storm_appliance_ctm
breakingpoint_storm_appliance
|
The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information …
|
CWE-20
Improper Input Validation
|
CVE-2012-2964
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263379
|
- |
|
ushahidi
|
ushahidi_platform
|
Multiple SQL injection vulnerabilities in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vectors related to (1) the verify function in application/contr…
|
CWE-89
SQL Injection
|
CVE-2012-3468
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263380
|
- |
|
ushahidi
|
ushahidi_platform
|
Multiple SQL injection vulnerabilities in application/libraries/api/MY_Countries_Api_Object.php in the Ushahidi Platform before 2.5 allow remote attackers to execute arbitrary SQL commands via vector…
|
CWE-89
SQL Injection
|
CVE-2012-3470
|
2012-08-13 13:00 |
2012-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
