CVE-2012-4434
fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.
Source: CVE-2012-4434
[월:] 2020년 01월
CVE-2012-5558
CVE-2012-5558
Cross-site scripting (XSS) vulnerability in the Smiley module 6.x-1.x versions prior to 6.x-1.1 and Smileys module 6.x-1.x versions prior to 6.x-1.1 for Drupal allows remote authenticated users with the "administer smiley" permission to inject arbitrary web script or HTML via a smiley acronym.
Source: CVE-2012-5558
CVE-2012-3490
CVE-2012-3490
The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.
Source: CVE-2012-3490
CVE-2012-2931
CVE-2012-2931
PHP code injection in TinyWebGallery before 1.8.8 allows remote authenticated users with admin privileges to inject arbitrary code into the .htusers.php file.
Source: CVE-2012-2931
CVE-2019-20180
CVE-2019-20180
The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV injection by Editor users.
Source: CVE-2019-20180
CVE-2012-2226
CVE-2012-2226
Invision Power Board before 3.3.1 fails to sanitize user-supplied input which could allow remote attackers to obtain sensitive information or execute arbitrary code by uploading a malicious file.
Source: CVE-2012-2226
CVE-2019-18859
CVE-2010-3282
CVE-2010-3282
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server before B.08.10.03, when audit logging is enabled, logs the Directory Manager password (nsslapd-rootpw) in cleartext when changing cn=config:nsslapd-rootpw, which might allow local users to obtain sensitive information by reading the log.
Source: CVE-2010-3282
CVE-2012-2142
CVE-2012-2142
The error function in Error.cc in poppler before 0.21.4 allows remote attackers to execute arbitrary commands via a PDF containing an escape sequence for a terminal emulator.
Source: CVE-2012-2142
CVE-2012-1915
CVE-2012-1915
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() Filter and perform XSS attacks.
Source: CVE-2012-1915