|
263531
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in apps/users/registration.template.php in Baby Gekko 1.2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3837
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263532
|
- |
|
babygekko
|
baby_gekko
|
Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.
|
CWE-200
Information Exposure
|
CVE-2012-3838
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263533
|
- |
|
babygekko
|
baby_gekko
|
Multiple cross-site scripting (XSS) vulnerabilities in Baby Gekko before 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) groupname parameter in a savecategory in the u…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3836
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263534
|
- |
|
jbmc-software
|
directadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in CMD_DOMAIN in JBMC Software DirectAdmin 1.403 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2012-3842
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263535
|
- |
|
avaya
|
aura_application_server_5300
|
Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5096
|
2012-07-17 13:00 |
2012-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263536
|
- |
|
glpi-project
|
glpi
|
PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the sub_type parameter.
|
CWE-94
Code Injection
|
CVE-2012-1037
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263537
|
- |
|
nih
|
libzip
|
Integer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to execute arbitrary code via the size and offset values for the central directory in a zip archive…
|
CWE-189
Numeric Errors
|
CVE-2012-1163
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263538
|
- |
|
adrian_chadd
|
rtg
rtg2
|
Multiple SQL injection vulnerabilities in RTG 0.7.4 and RTG2 0.9.2 allow remote attackers to execute arbitrary SQL commands via unspecified parameters to (1) 95.php, (2) view.php, or (3) rtg.php.
|
CWE-89
SQL Injection
|
CVE-2012-3881
|
2012-07-16 13:00 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263539
|
- |
|
nih
|
libzip
|
Heap-based buffer overflow in the _zip_readcdir function in zip_open.c in libzip 0.10 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-1162
|
2012-07-13 23:50 |
2012-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263540
|
- |
|
cisco
|
telepresence_system_software
telepresence_system_1300_65
telepresence_system_3000
telepresence_system_3010
telepresence_system_3200
telepresence_system_3210
telepresence_system_t3
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443,…
|
CWE-78
OS Command
|
CVE-2012-3075
|
2012-07-12 19:34 |
2012-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
