|
294871
|
- |
|
zabbix
|
zabbix
|
Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5027
|
2024-11-21 10:33 |
2011-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294872
|
- |
|
yaws
|
yaws
|
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) t…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5025
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294873
|
- |
|
gnu
|
mailman
|
Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5024
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294874
|
- |
|
pligg
|
pligg_cms
|
Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the search program, a different vulnerability than CVE-…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5023
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294875
|
- |
|
pligg
|
pligg_cms
|
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5022
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294876
|
- |
|
winn
|
winn_guestbook
|
Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote attackers to inject arbitrary web script or HTML via the name para…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5026
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294877
|
- |
|
phpids
|
phpids
|
PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified ve…
|
CWE-94
Code Injection
|
CVE-2011-5021
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294878
|
- |
|
attachmate
|
reflection_2011r1
reflection_2008r2
reflection_2008
reflection
reflection_2008r1
|
Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 bef…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5012
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294879
|
- |
|
xt-commerce
|
xt-commerce
|
Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly earlier allow remote attackers to hijack the authentication of Admins for requests that (1) set a Ne…
|
CWE-352
Origin Validation Error
|
CVE-2011-5011
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294880
|
- |
|
ctekproducts
|
skyrouter
|
apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5010
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
