|
296331
|
- |
|
ibm
|
maximo_asset_management
maximo_asset_management_essentials
tivoli_asset_management_for_it
trivoli_service_request_manager
maximo_service_desk
tivoli_change_and_configuration_management…
|
The About option on the Help menu in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Ma…
|
CWE-200
Information Exposure
|
CVE-2011-4817
|
2024-11-21 10:33 |
2012-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296332
|
- |
|
ibm
|
maximo_asset_management
maximo_asset_management_essentials
tivoli_asset_management_for_it
trivoli_service_request_manager
maximo_service_desk
tivoli_change_and_configuration_management…
|
SQL injection vulnerability in the KPI component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Ser…
|
CWE-89
SQL Injection
|
CVE-2011-4816
|
2024-11-21 10:33 |
2012-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296333
|
- |
|
ibm
|
soliddb
|
The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a su…
|
CWE-20
Improper Input Validation
|
CVE-2011-4890
|
2024-11-21 10:33 |
2012-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296334
|
- |
|
craig_barratt
|
backuppc
|
Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly other earlier versions allows remote attackers to inject arbitrary web script or HTML via the share p…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5081
|
2024-11-21 10:33 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296335
|
- |
|
craig_barratt
|
backuppc
|
Cross-site scripting (XSS) vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter i…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4923
|
2024-11-21 10:33 |
2012-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296336
|
- |
|
juergen_furrer
|
jftcaforms
|
Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tceFunc.php in the Additional TCA Forms (jftcaforms) extension before 0.2.1 for TYPO3 allows remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5080
|
2024-11-21 10:33 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296337
|
- |
|
netcreators
|
irfaq
|
Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.4 for TYPO3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5079
|
2024-11-21 10:33 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296338
|
- |
|
sybase
|
m-business_anywhere
|
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7.0 before ESD# 7 does not require admin authentication for unspecified scripts, which allows remote…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5078
|
2024-11-21 10:33 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296339
|
- |
|
hudong
|
hdwiki
|
Unrestricted file upload vulnerability in attachement.php in HDWiki 5.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a dir…
|
NVD-CWE-Other
|
CVE-2011-5077
|
2024-11-21 10:33 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296340
|
- |
|
hudong
|
hdwiki
|
SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versions allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. NOTE:…
|
CWE-89
SQL Injection
|
CVE-2011-5076
|
2024-11-21 10:33 |
2012-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
