Export limit exceeded: 363299 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363299 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2012-4261 1 Hccgmbh 1 Mycare2x 2025-04-11 N/A
SQL injection vulnerability in modules/patient/mycare2x_pat_info.php in myCare2x allows remote attackers to execute arbitrary SQL commands via the lang parameter.
CVE-2012-4262 1 Hccgmbh 1 Mycare2x 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow remote attackers to inject arbitrary web script or HTML via the (1) name_last, (2) name_first, (3) name_middle, or (4) name_maiden parameter to modules/patient/mycare_pid.php; (5) favorites or (6) lang parameter to modules/nursing/mycare_ward_print.php; (7) aktion or (8) callurl parameter to modules/patient/mycare2x_pat_info.php; or (9) ln parameter to modules/drg/mycare2x_proc_search.php.
CVE-2012-4263 2 Bit51, Wordpress 2 Better-wp-security, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
CVE-2012-4264 2 Bit51, Wordpress 2 Better-wp-security, Wordpress 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different vulnerability than CVE-2012-4263.
CVE-2012-4265 1 Itechscripts 1 Proman Xpress 2025-04-11 N/A
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
CVE-2012-4266 1 Itechscripts 1 Proman Xpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in client_details.php in Proman Xpress 5.0.1 allows remote attackers to inject arbitrary web script or HTML via the cl_comments parameter. NOTE: some of these details are obtained from third party information.
CVE-2012-4267 1 Pu-gh 1 Sockso 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in user/register in Sockso 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the name parameter.
CVE-2012-4268 2 Ait-pro, Wordpress 2 Bulletproof-security, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in bulletproof-security/admin/options.php in the BulletProof Security plugin before .47.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_ACCEPT_ENCODING header.
CVE-2012-4269 1 Efrontlearning 1 Efront 2025-04-11 N/A
Unrestricted file upload vulnerability in eFront 3.6.11 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension via an attachment in a message.
CVE-2012-4270 1 Efrontlearning 1 Efront 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in eFront 3.6.11 allows remote authenticated users to inject arbitrary web script or HTML via the subject box of a message.
CVE-2012-4271 2 Mark Jaquith, Wordpress 2 Bad Behavior, Wordpress 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in bad-behavior-wordpress-admin.php in the Bad Behavior plugin before 2.0.47 and 2.2.x before 2.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, (2) httpbl_key, (3) httpbl_maxage, (4) httpbl_threat, (5) reverse_proxy_addresses, or (6) reverse_proxy_header parameter.
CVE-2012-4272 2 Ppfeufer, Wordpress 2 2-click-social-media-buttons, Wordpress 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the "processing of the buttons of Xing and Pinterest".
CVE-2012-4273 2 Ppfeufer, Wordpress 2 2-click-social-media-buttons, Wordpress 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.
CVE-2012-4274 1 Hitachi 2 Cobol Gui Option, Cobol Gui Option Server 2025-04-11 N/A
Unspecified vulnerability in Hitachi Cobol GUI Option 06-00, 06-01 through 06-01-/A, 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B and Cobol GUI Option Server 07-00, 07-01 before 07-01-/B, and 08-00 before 08-00-/B allows remote attackers to execute arbitrary code via unknown attack vectors.
CVE-2012-4275 1 Hitachi 1 It Operations Director 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 before 03-00-08 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-4276 1 Hitachi 1 It Operations Director 2025-04-11 N/A
Unspecified vulnerability in Hitachi IT Operations Director 02-50-01 through 02-50-07, 03-00 before 03-00-08 allows attackers to cause a denial of service via unknown attack vectors.
CVE-2012-4277 1 Smarty 1 Smarty 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in the smarty_function_html_options_optoutput function in distribution/libs/plugins/function.html_options.php in Smarty before 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2012-4278 1 Rwcinc 1 Free Realty 2025-04-11 N/A
Multiple cross-site scripting (XSS) vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) notes parameter to (a) admin/agenteditor.php; (2) title, (3) previewdesc, (4) fulldesc, or (5) notes parameter (b) to agentadmin.php or (c) in an addlisting action to agentadmin.php; or unspecified vectors to (d) admin/adminfeatures.php.
CVE-2012-4279 1 Rwcinc 1 Free Realty 2025-04-11 N/A
Multiple SQL injection vulnerabilities in Free Realty 3.1-0.6 allow remote attackers to execute arbitrary SQL commands via the (1) view parameter to agentdisplay.php or (2) edit parameter to admin/admin.php.
CVE-2012-4280 1 Rwcinc 1 Free Realty 2025-04-11 N/A
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/agenteditor.php in Free Realty 3.1-0.6 allow remote attackers to hijack the authentication of administrators for requests that (1) add an agent via an addagent action or (2) modify an agent.