WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting

A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. id: CVE-2012-4768 info: name: WordPress Plugin Download Monitor 3.3.5.9 - Cross-Site...

MySQLDumper 1.24.4 - Directory Traversal

Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. dot dot in the 1 language parameter to learn/cubemail/install.php or 2 f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. dot dot in the...

OpenEMR 4.1 - Local File Inclusion

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the formname parameter to 1 contrib/acog/printform.php; or 2 loadform.php, 3 viewform.php, or 4 trendform.php in interface/patientfile/encounter. id:...

ManageEngine Firewall Analyzer 7.2 - Cross-Site Scripting

Multiple cross-site scripting vulnerabilities in ManageEngine Firewall Analyzer 7.2 allow remote attackers to inject arbitrary web script or HTML via the 1 subTab or 2 tab parameter to createAnomaly.do; 3 url, 4 subTab, or 5 tab parameter to mindex.do; 6 tab parameter to index2.do; or 7 port...

WebsitePanel before v1.2.2.1 - Open Redirect

Open redirect vulnerability in the login page in WebsitePanel before 1.2.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in ReturnUrl to Default.aspx id: CVE-2012-4032 info: name: WebsitePanel before v1.2.2.1 - Open Redirect author:...

WordPress Integrator 1.32 - Cross-Site Scripting

A cross-site scripting vulnerability in wp-integrator.php in the WordPress Integrator module 1.32 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirectto parameter to wp-login.php. id: CVE-2012-5913 info: name: WordPress Integrator 1.32 - Cross-Site Scripti...

Apache Struts <2.3.1.1 - Remote Code Execution

Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used in the DebuggingInterceptor component, a remote attacker can execute arbitrary OGNL commands via unspecified vectors, which can allow for execution of malware, obtaining sensitive information,...

PHP CGI v5.3.12/5.4.2 Remote Code Execution

sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

Security Bulletin: IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl

Summary IBM SPSS Modeler is affected by multiple vulnerabilities in xercesImpl CVE-2009-2625, CVE-2012-0881, CVE-2013-4002, CVE-2020-14338, CVE-2022-23437. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2009-2625 DESCRIPTION: XMLScanner.java in Apache Xerces2...

CVE-2012-1007 vulnerabilities

Vulnerabilities for packages: hadoop-fips...

RHCOS 6 : openshift-origin-node-util (RHSA-2013:0148)

The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2013:0148 advisory. - openshift-origin-node-util: restorer.php pregmatch shell code injection CVE-2012-5646 - openshift-origin-node-util: restorer.php...

RHCOS 6 : openshift-console (RHSA-2012:1555)

The remote Red Hat Enterprise Linux CoreOS 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2012:1555 advisory. - openshift-console: CSRF attack CVE-2012-5622 Note that Nessus has not tested for this issue but has instead relied only on the application'...

CVE-2012-1854

creationtimestamp| type| source ---|---|--- 2026-04-13 18:00:02+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/5bcfae49-c2a1-49d8-a588-65ac74882fb9 2026-04-13 18:07:38+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/6244769 2026-04-13...

MiracleLinux 4 : dnsmasq-2.48-13.AXS4 (AXSA:2013-132:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-132:01 advisory. Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve...

MiracleLinux 3 : perl-DBD-Pg-1.49-4.AXS3 (AXSA:2012-693:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-693:01 advisory. An implementation of DBI for PostgreSQL for Perl. Security issues fixed with this release: CVE-2012-1151 No description available at the time of writing, plea...

MiracleLinux 4 : rpm-4.8.0-19.1.0.1.AXS4 (AXSA:2012-489:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-489:02 advisory. The RPM Package Manager RPM is a powerful command line driven package management system capable of installing, uninstalling,c verifying, querying, an...

MiracleLinux 3 : bind-9.3.6-20.P1.2.0.1.AXS3 (AXSA:2012-779:03)

"The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-779:03 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names ...

MiracleLinux 3 : kvm-83-266.0.1.AXS3.1 (AXSA:2014-242:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-242:01 advisory. KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtual machines...

CVE-2012-10064 Omni Secure Files < 0.1.14 Unauthenticated Arbitrary File Upload

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...

MiracleLinux 4 : elinks-0.12-0.21.pre5.AXS4 (AXSA:2013-110:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-110:01 advisory. Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over...