|
294741
|
- |
|
themattharris
|
tmhoauth
|
tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle …
|
CWE-20
Improper Input Validation
|
CVE-2011-5242
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294742
|
- |
|
services_twitter_group
|
services_twitter
|
Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middl…
|
CWE-20
Improper Input Validation
|
CVE-2011-5241
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294743
|
- |
|
magentocommerce
|
magento
|
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle…
|
CWE-20
Improper Input Validation
|
CVE-2011-5240
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294744
|
- |
|
civicrm
|
civicrm
|
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2011-5239
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294745
|
- |
|
google
|
checkout-php
|
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5238
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294746
|
- |
|
paypal
|
wps_toolkit
|
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle at…
|
CWE-20
Improper Input Validation
|
CVE-2011-5237
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294747
|
- |
|
moneris
|
eselect_plus
|
Moneris eSelectPlus 2.03 PHP API does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in…
|
CWE-20
Improper Input Validation
|
CVE-2011-5236
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294748
|
- |
|
mnogosearch
|
mnogosearch
|
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
|
CWE-89
SQL Injection
|
CVE-2011-5235
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294749
|
- |
|
scripte24shop
|
social_network_community
|
SQL injection vulnerability in user.php in Social Network Community 2 allows remote attackers to execute arbitrary SQL commands via the userId parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5234
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294750
|
- |
|
irfanview
|
irfanview
|
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5233
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
