SQL injection vulnerability in the Weblinks (com_weblinks) component for Joomla! and Mambo 1.0.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
Max CVSS
7.5
EPSS Score
0.13%
Published
2012-09-06
Updated
2013-08-16
The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c.
Max CVSS
8.5
EPSS Score
1.20%
Published
2012-09-05
Updated
2012-09-06
The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw."
Max CVSS
3.6
EPSS Score
0.04%
Published
2012-09-05
Updated
2012-09-13
core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live mode," allows remote attackers to obtain the SQL queries for a page via the showqueries and ajax parameters.
Max CVSS
4.3
EPSS Score
1.26%
Published
2012-09-17
Updated
2012-09-18
Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHandler.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when custom error handling is not used, allows remote attackers to inject arbitrary web script or HTML via "missing URL actions."
Max CVSS
4.3
EPSS Score
0.60%
Published
2012-09-17
Updated
2017-08-29
SQL injection vulnerability in the augmentSQL method in core/model/Translatable.php in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4, when the Translatable extension is enabled, allows remote attackers to execute arbitrary SQL commands via the locale parameter.
Max CVSS
6.8
EPSS Score
0.73%
Published
2012-09-17
Updated
2017-08-29
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain version information via a direct request to (1) apphire/silverstripe_version or (2) cms/silverstripe_version.
Max CVSS
5.0
EPSS Score
0.54%
Published
2012-09-17
Updated
2017-08-29
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.26%
Published
2012-09-17
Updated
2012-09-18
The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, and publish, edit, or delete posts, by leveraging the Author or Contributor role.
Max CVSS
6.5
EPSS Score
0.22%
Published
2012-09-14
Updated
2012-09-17
Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.05%
Published
2012-09-06
Updated
2012-09-06
Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-06
Untrusted search path vulnerability in Pixia 4.70j allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pxa file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-11
Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-13
Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 allows local users to gain privileges via a Trojan horse bwsconst.dll file in the current working directory, as demonstrated by a directory that contains a .ufp or .ufo file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-06
Untrusted search path vulnerability in KeePass Password Safe before 1.18 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .kdb file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-13
Untrusted search path vulnerability in MAGIX Samplitude Producer 11 allows local users to gain privileges via a Trojan horse PlayRIplA6.dll file in the current working directory, as demonstrated by a directory that contains a .vip file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-13
Untrusted search path vulnerability in JetAudio 8.0.7.1000 Basic allows local users to gain privileges via a Trojan horse WNASPI32.DLL file in the current working directory, as demonstrated by a directory that contains a .mp3 file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2012-09-21
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-06
Multiple untrusted search path vulnerabilities in IBM Lotus Symphony 1.3.0 20090908.0900 allow local users to gain privileges via a Trojan horse (1) eclipse_1114.dll or (2) emser645mi.dll file in the current working directory, as demonstrated by a directory that contains a .odm, .odt, .otp, .stc, .stw, .sxg, or .sxw file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-13
Multiple untrusted search path vulnerabilities in e-press ONE Office Author allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .psw file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-13
Multiple untrusted search path vulnerabilities in e-press ONE Office E-NoteTaker and E-Zip allow local users to gain privileges via a Trojan horse (1) mfc71enu.dll or (2) mfc71loc.dll file in the current working directory, as demonstrated by a directory that contains a .txt, .rar, or .tar file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-13
Multiple untrusted search path vulnerabilities in CelFrame Office 2008 Standard Edition allow local users to gain privileges via a Trojan horse (1) java_msci.dll or (2) msci_java.dll file in the current working directory, as demonstrated by a directory that contains a .doc, .xls, or .odg file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-06
Multiple untrusted search path vulnerabilities in the (1) Presentation, (2) Writer, and (3) Spreadsheets components in Kingsoft Office 2010 6.6.0.2477 allow local users to gain privileges via a Trojan horse plgpf.dll file in the current working directory, as demonstrated by a directory that contains a .xls, .ppt, .rtf, or .doc file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-06
Multiple untrusted search path vulnerabilities in Nuance PDF Reader 6.0 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) exceptiondumpdll.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.06%
Published
2012-09-06
Updated
2012-09-06
Untrusted search path vulnerability in Sorax Reader 2.0.3129.70 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .pdf file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.04%
Published
2012-09-06
Updated
2018-08-13
655 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!