Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2012-08-13 CVE-2012-4265 SQL Injection vulnerability in Itechscripts Proman Xpress 5.0.1
SQL injection vulnerability in category_edit.php in Proman Xpress 5.0.1 allows remote attackers to execute arbitrary SQL commands via the cid parameter.
network
low complexity
itechscripts CWE-89
7.5
2012-08-13 CVE-2012-4264 Cross-Site Scripting vulnerability in Bit51 Better-Wp-Security
Multiple cross-site scripting (XSS) vulnerabilities in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "server variables," a different vulnerability than CVE-2012-4263.
4.3
2012-08-13 CVE-2012-4263 Cross-Site Scripting vulnerability in Bit51 Better-Wp-Security
Cross-site scripting (XSS) vulnerability in inc/admin/content.php in the Better WP Security (better_wp_security) plugin before 3.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the HTTP_USER_AGENT header.
4.3
2012-08-13 CVE-2012-3869 Cross-Site Scripting vulnerability in Redaxo
Cross-site scripting (XSS) vulnerability in include/classes/class.rex_list.inc.php in REDAXO 4.3.x and 4.4 allows remote attackers to inject arbitrary web script or HTML via the subpage parameter to index.php.
network
redaxo CWE-79
4.3
2012-08-13 CVE-2012-3367 Cryptographic Issues vulnerability in Redhat Certificate System and Dogtag Certificate System
Red Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System do not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
network
low complexity
redhat CWE-310
5.5
2012-08-13 CVE-2012-2371 Cross-Site Scripting vulnerability in Mnt-Tech Wp-Facethumb 0.1
Cross-site scripting (XSS) vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
4.3
2012-08-13 CVE-2012-2368 Improper Input Validation vulnerability in Bytemark Symbiosis 1321
Bytemark Symbiosis before Revision 1322 does not properly validate passwords, which allows remote attackers to gain access to email accounts via an arbitrary password.
network
low complexity
bytemark CWE-20
5.0
2012-08-13 CVE-2011-0524 Buffer Errors vulnerability in Iain Gypsy 0.8
Multiple buffer overflows in the NMEA parser (nmea-gen.c) in gypsy 0.8 allow local users to cause a denial of service (crash) via unspecified vectors related to the sprintf function.
local
low complexity
iain CWE-119
2.1
2012-08-13 CVE-2011-0523 Permissions, Privileges, and Access Controls vulnerability in Iain Gypsy 0.8
gypsy 0.8 does not properly restrict the files that can be read while running with root privileges, which allows local users to read otherwise restricted files via unspecified vectors.
local
iain CWE-264
1.9
2012-08-13 CVE-2012-4262 Cross-Site Scripting vulnerability in Hccgmbh Mycare2X
Multiple cross-site scripting (XSS) vulnerabilities in myCare2x allow remote attackers to inject arbitrary web script or HTML via the (1) name_last, (2) name_first, (3) name_middle, or (4) name_maiden parameter to modules/patient/mycare_pid.php; (5) favorites or (6) lang parameter to modules/nursing/mycare_ward_print.php; (7) aktion or (8) callurl parameter to modules/patient/mycare2x_pat_info.php; or (9) ln parameter to modules/drg/mycare2x_proc_search.php.
network
hccgmbh CWE-79
4.3