|
295021
|
- |
|
moodle
|
moodle
|
The MoodleQuickForm class in the Forms Library in lib/formslib.php in Moodle 1.9.x before 1.9.14, 2.0.x before 2.0.5, and 2.1.x before 2.1.2 does not recognize Forms API setConstant operations, which…
|
NVD-CWE-noinfo
|
CVE-2011-4301
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295022
|
- |
|
moodle
|
moodle
|
The file_browser component in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 does not properly restrict access to category and course data, which allows remote attackers to obtain potentially sensi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4300
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295023
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in mod/wiki/pagelib.php in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allows remote authenticated users to inject arbitrary web script or HTML via a wik…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4299
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295024
|
- |
|
moodle
|
moodle
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mod/wiki/ components in Moodle 2.0.x before 2.0.5 and 2.1.x before 2.1.2 allow remote attackers to hijack the authentication of arbitrary…
|
CWE-352
Origin Validation Error
|
CVE-2011-4298
|
2024-11-21 10:32 |
2012-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295025
|
- |
|
linux
|
linux_kernel
|
The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pat…
|
NVD-CWE-noinfo
|
CVE-2011-4324
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295026
|
- |
|
icu-project
|
international_components_for_unicode
|
Stack-based buffer overflow in the _canonicalize function in common/uloc.c in International Components for Unicode (ICU) before 49.1 allows remote attackers to execute arbitrary code via a crafted lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4599
|
2024-11-21 10:32 |
2012-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295027
|
- |
|
canonical
|
ubuntu_linux
|
The Ubuntu One Client for Ubuntu 10.04 LTS, 11.04, 11.10, and 12.04 LTS does not properly validate SSL certificates, which allows remote attackers to spoof a server and modify or read sensitive infor…
|
CWE-20
Improper Input Validation
|
CVE-2011-4409
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295028
|
- |
|
canonical
|
ubuntu_linux
|
The Single Sign On Client (ubuntu-sso-client) for Ubuntu 11.04 and 11.10 does not properly validate SSL certificates when using HTTPS, which allows remote attackers to spoof a server and modify or re…
|
NVD-CWE-Other
|
CVE-2011-4408
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295029
|
- |
|
gnu
|
gnash
|
plugin/npapi/plugin.cpp in Gnash before 0.8.10 uses weak permissions (world readable) for cookie files with predictable names in /tmp, which allows local users to obtain sensitive information.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4328
|
2024-11-21 10:32 |
2012-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295030
|
- |
|
bestpractical
|
rt
|
SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a…
|
CWE-89
SQL Injection
|
CVE-2011-4460
|
2024-11-21 10:32 |
2012-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
