|
294921
|
- |
|
vbulletin
|
vbulletin
|
Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter in a …
|
CWE-20
Improper Input Validation
|
CVE-2011-5251
|
2024-11-21 10:33 |
2013-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294922
|
- |
|
redhat
|
resteasy
|
The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote attackers to read arbitrary files via an external entity reference in a Java Architecture for XML Bi…
|
CWE-200
Information Exposure
|
CVE-2011-5245
|
2024-11-21 10:33 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294923
|
- |
|
tetex
gnome
t1lib
|
tetex
evince
t1lib
|
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote at…
|
CWE-189
Numeric Errors
|
CVE-2011-5244
|
2024-11-21 10:33 |
2012-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294924
|
- |
|
abraham_williams
|
twitteroauth
|
TwitterOAuth does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attacker…
|
CWE-20
Improper Input Validation
|
CVE-2011-5243
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294925
|
- |
|
themattharris
|
tmhoauth
|
tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2011-5242
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294926
|
- |
|
services_twitter_group
|
services_twitter
|
Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl…
|
CWE-20
Improper Input Validation
|
CVE-2011-5241
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294927
|
- |
|
magentocommerce
|
magento
|
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle…
|
CWE-20
Improper Input Validation
|
CVE-2011-5240
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294928
|
- |
|
civicrm
|
civicrm
|
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2011-5239
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294929
|
- |
|
google
|
checkout-php
|
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5238
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294930
|
- |
|
paypal
|
wps_toolkit
|
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle at…
|
CWE-20
Improper Input Validation
|
CVE-2011-5237
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
