Search

Search Results (363761 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-6039 1 Yabsoft 1 Advanced Image Hosting Script 2025-04-11 N/A
SQL injection vulnerability in view_comments.php in YABSoft Advanced Image Hosting (AIH) Script, possibly 2.3, allows remote attackers to execute arbitrary SQL commands via the gal parameter.
CVE-2012-6040 1 Convergine 1 File King Advanced File Management 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in users.php in File King Advanced File Management 1.4 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVE-2012-6041 1 Morequick 1 Greenbrowser 2025-04-11 N/A
Double free vulnerability in GreenBrowser before 6.0.1002, when the keyword search bar (F6) is activated, allows remote attackers to execute arbitrary code via a crafted iframe.
CVE-2012-6042 1 Geopainting 1 Gpsmapedit 2025-04-11 N/A
GPSMapEdit 1.1.73.2 allows user-assisted remote attackers to cause a denial of service (crash) via a long string in a lst file.
CVE-2012-6043 1 Php-fusion 1 Php-fusion 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in downloads.php in PHP-Fusion 7.02.04 allows remote attackers to inject arbitrary web script or HTML via the cat_id parameter.
CVE-2012-6044 1 Mjsware 1 M-player 2025-04-11 N/A
M-Player 0.4 allows remote attackers to cause a denial of service (crash) via a crafted MP3 file.
CVE-2012-6045 1 Ramui 1 Ramui Forum 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in gb/user/index.php in Ramui Forum, possibly 1.0 Beta, allows remote attackers to inject arbitrary web script or HTML via the query parameter.
CVE-2012-6046 1 Phpenter 1 Php Enter 2025-04-11 N/A
Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter.
CVE-2012-6047 1 X7 Group 1 X7 Chat 2025-04-11 N/A
Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that add a user to an arbitrary group via the users page in an adminpanel action to index.php.
CVE-2012-6048 1 Guitar-pro 1 Guitar Pro 2025-04-11 N/A
Guitar Pro 6.1.1 r10791 allows remote attackers to cause a denial of service (crash) via a long string in a gpx file.
CVE-2012-6049 1 Opensolution 1 Quick.cart 2025-04-11 N/A
Open Solution Quick.Cart 5.0 allows remote attackers to obtain sensitive information via (1) a long string or (2) invalid characters in a cookie, which reveals the installation path in an error message.
CVE-2012-6050 1 Mikrotik 1 Routeros 2025-04-11 N/A
The winbox service in MikroTik RouterOS 5.15 and earlier allows remote attackers to cause a denial of service (CPU consumption), read the router version, and possibly have other impacts via a request to download the router's DLLs or plugins, as demonstrated by roteros.dll.
CVE-2012-6051 1 Google 1 Cityhash 2025-04-11 N/A
Google CityHash computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack.
CVE-2012-6052 1 Wireshark 1 Wireshark 2025-04-11 N/A
Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.
CVE-2012-6053 1 Wireshark 1 Wireshark 2025-04-11 N/A
epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field.
CVE-2012-6054 1 Wireshark 1 Wireshark 2025-04-11 N/A
The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6.
CVE-2012-6055 1 Wireshark 1 Wireshark 2025-04-11 N/A
epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field.
CVE-2012-6056 2 Redhat, Wireshark 2 Enterprise Linux, Wireshark 2025-04-11 N/A
Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count.
CVE-2012-6057 1 Wireshark 1 Wireshark 2025-04-11 N/A
The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet.
CVE-2012-6058 1 Wireshark 1 Wireshark 2025-04-11 N/A
Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value.