Search

Search Results (364989 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-1777 1 F5 1 Firepass 2025-04-11 N/A
SQL injection vulnerability in my.activation.php3 in F5 FirePass 6.0.0 through 6.1.0 and 7.0.0 allows remote attackers to execute arbitrary SQL commands via the state parameter.
CVE-2012-1778 1 Createvision 1 Createvision Cms 2025-04-11 N/A
SQL injection vulnerability in artykul_print.php in CreateVision CMS allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVE-2012-1779 1 Idevspot 1 Idev-businessdirectory 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in IDevSpot idev-BusinessDirectory 3.0 allows remote attackers to inject arbitrary web script or HTML via the SEARCH parameter to index.php.
CVE-2012-1780 1 Socialcms 1 Socialcms 2025-04-11 N/A
SQL injection vulnerability in search.php in SocialCMS 1.0.5 allows remote attackers to execute arbitrary SQL commands via the category parameter.
CVE-2012-1781 1 Socialcms 1 Socialcms 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in ajax/commentajax.php in SocialCMS 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) TREF_email_address or (2) TR_name parameters.
CVE-2012-1782 1 Osqa 1 Osqa 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in questions/ask in OSQA 3b allow remote attackers to inject arbitrary web script or HTML via the (1) url bar or (2) picture bar.
CVE-2012-1783 1 Saurabh Gupta 1 Tiny Server 2025-04-11 N/A
Tiny Server 1.1.9 and earlier allows remote attackers to cause a denial of service (crash) via a long string in a GET request without an HTTP version number.
CVE-2012-1784 1 Myjoblist 1 Myjoblist 2025-04-11 N/A
SQL injection vulnerability in MyJobList 0.1.3 allows remote attackers to execute arbitrary SQL commands via the eid parameter in a profile action to index.php.
CVE-2012-1785 2 Kylegilman, Wordpress 2 Video Embed \& Thumbnail Generator, Wordpress 2025-04-11 N/A
kg_callffmpeg.php in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to execute arbitrary commands via unspecified vectors.
CVE-2012-1786 2 Kylegilman, Wordpress 2 Video Embed \& Thumbnail Generator, Wordpress 2025-04-11 N/A
The Media Upload form in the Video Embed & Thumbnail Generator plugin before 2.0 for WordPress allows remote attackers to obtain the installation path via unknown vectors.
CVE-2012-1787 1 Webglimpse 1 Webglimpse 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in wgarcmin.cgi in Webglimpse 2.20.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) URL, (2) FILE, or (3) DOMAIN parameters.
CVE-2012-1788 1 Wonderdesk 1 Wonderdesk Sql 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in wonderdesk.cgi in WonderDesk SQL 4.14 allow remote attackers to inject arbitrary web script or HTML via the (1) cus_email parameter in a cust_lostpw action; or (2) help_name, (3) help_email, (4) help_website, or (5) help_example_url parameters in an hd_modify_record action.
CVE-2012-1789 1 Tskynet 1 Kongreg8 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Kongreg8 1.7.3 allow remote attackers to inject arbitrary web script or HTML via the (1) surname or (2) firstname parameters to modules/members/addmember.php; or (3) groupdescription or (4) groupname parameters to modules/groups/addgroupform.php.
CVE-2012-1790 1 Webgrind Project 1 Webgrind 2025-04-11 N/A
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php.
CVE-2012-1792 1 Oscommerce 1 Online Merchant 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in osCommerce/OM/Core/Site/Setup/Application/Install/RPC/DBCheck.php in OSCommerce Online Merchant 3.0.2, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the name parameter to oscommerce/index.php, which is not properly handled in an error message. NOTE: this might not be a vulnerability, since the ability to access oscommerce/index.php during installation may already imply administrator privileges.
CVE-2012-1795 1 Webglimpse 1 Webglimpse 2025-04-11 N/A
webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the query parameter, as exploited in the wild in March 2012.
CVE-2012-1796 4 Hp, Ibm, Linux and 1 more 5 Hp-ux, Aix, Db2 and 2 more 2025-04-11 N/A
Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, allows local users to gain privileges via unknown vectors.
CVE-2012-1797 1 Ibm 1 Db2 2025-04-11 N/A
IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors.
CVE-2012-1798 4 Debian, Imagemagick, Opensuse and 1 more 11 Debian Linux, Imagemagick, Opensuse and 8 more 2025-04-11 6.5 Medium
The TIFFGetEXIFProperties function in coders/tiff.c in ImageMagick before 6.7.6-3 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted EXIF IFD in a TIFF image.
CVE-2012-1799 1 Siemens 4 Scalance S602, Scalance S612, Scalance S613 and 1 more 2025-04-11 N/A
The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force attack on the administrative password.