|
295341
|
- |
|
redhat
|
jboss_enterprise_application_platform
jboss_enterprise_web_platform
jboss_enterprise_portal_platform
jboss_enterprise_brms_platform
jboss_enterprise_soa_platform
|
The (1) JNDI service, (2) HA-JNDI service, and (3) HAJNDIFactory invoker servlet in JBoss Enterprise Application Platform 4.3.0 CP10 and 5.1.2, Web Platform 5.1.2, SOA Platform 4.2.0.CP05 and 4.3.0.C…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4605
|
2024-11-21 10:32 |
2012-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295342
|
- |
|
xiph
|
icecast
|
icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.
|
CWE-20
Improper Input Validation
|
CVE-2011-4612
|
2024-11-21 10:32 |
2012-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295343
|
- |
|
backwpup
|
backwpup
|
PHP remote file inclusion vulnerability in wp_xml_export.php in the BackWPup plugin before 1.7.2 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter.
|
CWE-94
Code Injection
|
CVE-2011-4342
|
2024-11-21 10:32 |
2012-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295344
|
- |
|
spamtitan
|
webtitan
|
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action.
|
CWE-22
Path Traversal
|
CVE-2011-4640
|
2024-11-21 10:32 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295345
|
- |
|
spamtitan
|
webtitan
|
The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, …
|
CWE-94
Code Injection
|
CVE-2011-4639
|
2024-11-21 10:32 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295346
|
- |
|
spamtitan
|
webtitan
|
Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authe…
|
CWE-89
SQL Injection
|
CVE-2011-4638
|
2024-11-21 10:32 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295347
|
- |
|
frii
|
proc\
|
ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.
|
CWE-59
Link Following
|
CVE-2011-4363
|
2024-11-21 10:32 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295348
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary pa…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4551
|
2024-11-21 10:32 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295349
|
- |
|
rsyslog
|
rsyslog
|
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial o…
|
CWE-189
Numeric Errors
|
CVE-2011-4623
|
2024-11-21 10:32 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295350
|
- |
|
wikkawiki
|
wikkawiki
|
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remov…
|
CWE-352
Origin Validation Error
|
CVE-2011-4452
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
