Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4019 | 1 C61 | 1 Tokyo Bbs | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in tokyo_bbs.cgi in Come on Girls Interface (CGI) Tokyo BBS allows remote attackers to inject arbitrary web script or HTML via vectors related to the error page. | |||||
| CVE-2012-4031 | 1 Wangkongbao | 2 Cns-1000, Cns-1100 | 2017-08-28 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85. | |||||
| CVE-2012-4032 | 1 Websitepanel | 1 Websitepanel | 2017-08-28 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx. | |||||
| CVE-2012-4033 | 2 Wordpress, Zingiri | 2 Wordpress, Zingiri Web Shop | 2017-08-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Zingiri Web Shop plugin before 2.4.0 for WordPress have unknown impact and attack vectors. | |||||
| CVE-2012-4034 | 1 Pbboard | 1 Pbboard | 2017-08-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in PBBoard 2.1.4 allow remote attackers to execute arbitrary SQL commands via the (1) username parameter to the send page, (2) email parameter to the forget page, (3) password parameter to the forum_archive page, (4) section parameter to the management page, (5) section_id parameter to the managementreply page, (6) member_id parameter to the new_password page, or (7) subjectid parameter to the tags page to index.php. | |||||
| CVE-2012-4035 | 1 Pbboard | 1 Pbboard | 2017-08-28 | 7.5 HIGH | N/A |
| The new_password page in PBBoard 2.1.4 allows remote attackers to change the password of arbitrary user accounts via the member_id and new_password parameters to index.php. | |||||
| CVE-2012-4036 | 1 Pbboard | 1 Pbboard | 2017-08-28 | 6.8 MEDIUM | N/A |
| Unrestricted file upload vulnerability in admin.php in PBBoard 2.1.4 allows remote administrators to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the addons directory. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2012-1216. | |||||
| CVE-2012-4050 | 2 Google, Samsung | 5 Chrome Os, Cr-48 Chromebook, Chromebox 3 and 2 more | 2017-08-28 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Google Chrome OS before 21.0.1180.50 on the Cr-48 and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, have unknown impact and attack vectors. | |||||
| CVE-2012-4054 | 1 Cpe17 | 1 Autorun Killer | 2017-08-28 | 6.9 MEDIUM | N/A |
| Buffer overflow in the readfile function in CPE17 Autorun Killer 1.7.1 and earlier allows physically proximate attackers to execute arbitrary code via a crafted inf file. | |||||
| CVE-2012-4055 | 1 Uiga | 1 Fan Club | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index2.php in Uiga Fan Club allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2012-4056 | 1 Uiga | 1 Personal Portal | 2017-08-28 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index2.php in Uiga Personal Portal allows remote attackers to execute arbitrary SQL commands via the p parameter. | |||||
| CVE-2012-4057 | 1 Twd-industries | 1 Remote-anything | 2017-08-28 | 9.3 HIGH | N/A |
| Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote attackers to execute arbitrary code via a crafted flm file. | |||||
| CVE-2012-4058 | 1 Socketmail | 1 Socketmail | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in SocketMail Pro 2.2.9 allows remote attackers to inject arbitrary web script or HTML via the subject of an email. | |||||
| CVE-2012-4059 | 1 Socketmail | 1 Socketmail | 2017-08-28 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action. | |||||
| CVE-2012-4060 | 1 Asp-dev | 1 Xm Forums | 2017-08-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP-DEv XM Forums RC3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) profile.asp, (2) forum.asp, or (3) topic.asp. | |||||
| CVE-2012-4061 | 1 Asp-dev | 1 Xm Diary | 2017-08-28 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ASP-DEv XM Diary allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to diary_view.asp or (2) view_date parameter to default.asp. | |||||
| CVE-2012-4063 | 1 Eucalyptus | 1 Eucalyptus | 2017-08-28 | 5.0 MEDIUM | N/A |
| The Apache Santuario configuration in Eucalyptus before 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2012-4068 | 1 Citrix | 1 Provisioning Services | 2017-08-28 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the SoapServer service in Citrix Provisioning Services 5.0, 5.1, 5.6, 5.6 SP1, 6.0, and 6.1 allows remote attackers to execute arbitrary code via a crafted string associated with date and time data. | |||||
| CVE-2012-4075 | 1 Cisco | 1 Nx-os | 2017-08-28 | 7.2 HIGH | N/A |
| Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in unspecified command parameters, aka Bug IDs CSCtf19827 and CSCtf27788. | |||||
| CVE-2012-4076 | 1 Cisco | 1 Nx-os | 2017-08-28 | 6.8 MEDIUM | N/A |
| Cisco NX-OS allows local users to gain privileges and execute arbitrary commands via shell metacharacters in a command that calls the system library function, aka Bug IDs CSCtf23559 and CSCtf27780. | |||||