|
296471
|
- |
|
mpdf1
|
mpdf
|
Directory traversal vulnerability in examples/show_code.php in mPDF 5.3 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
|
CWE-22
Path Traversal
|
CVE-2011-5219
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296472
|
- |
|
neubivljiv
|
dota_openstats
|
SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2011-5218
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296473
|
- |
|
hitachi
|
jp1\/serverconductor\/deploymentmanager
serverconductor\/deploymentmanager
|
Directory traversal vulnerability in the PXE Mtftp service in Hitachi JP1/ServerConductor/DeploymentManager before 08-55 Japanese and before 08-51 English allows remote attackers to read arbitrary fi…
|
CWE-22
Path Traversal
|
CVE-2011-5217
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296474
|
- |
|
troyef
wordpress
|
scorm_cloud
wordpress
|
SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress plugin before 1.0.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the active parameter. NOTE: some …
|
CWE-89
SQL Injection
|
CVE-2011-5216
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296475
|
- |
|
2daybiz
|
video_community_portal_script
|
SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5215
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296476
|
- |
|
browsercrm
|
browsercrm
|
Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) modules/ad…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5214
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296477
|
- |
|
browsercrm
|
browsercrm
|
Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) login[username] parameter to index.php, (2) parent_id pa…
|
CWE-89
SQL Injection
|
CVE-2011-5213
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296478
|
- |
|
intelliants
|
subrion_cms
|
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
|
CWE-89
SQL Injection
|
CVE-2011-5212
|
2024-11-21 10:33 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296479
|
- |
|
intelliants
|
subrion_cms
|
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5211
|
2024-11-21 10:33 |
2012-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296480
|
- |
|
limny
|
limny
|
Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the theme parameter.
|
CWE-22
Path Traversal
|
CVE-2011-5210
|
2024-11-21 10:33 |
2012-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
