|
295041
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.3.20 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_name, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5143
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295042
|
- |
|
obm
|
open_business_management
|
Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id o…
|
CWE-89
SQL Injection
|
CVE-2011-5145
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295043
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_dele…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5142
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295044
|
- |
|
obm
|
open_business_management
|
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local fi…
|
CWE-22
Path Traversal
|
CVE-2011-5141
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295045
|
- |
|
diy-cms
|
blog
|
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index…
|
CWE-89
SQL Injection
|
CVE-2011-5140
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295046
|
- |
|
preprojects
|
business_cards_designer
|
SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5139
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295047
|
- |
|
tforum
|
tforum
|
Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5138
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295048
|
- |
|
tforum
|
tforum
|
Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard…
|
CWE-89
SQL Injection
|
CVE-2011-5137
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295049
|
- |
|
epractizelabs
|
subscription_manager
|
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.
|
CWE-20
Improper Input Validation
|
CVE-2011-5136
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295050
|
- |
|
docebo
|
docebolms
|
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher…
|
CWE-89
SQL Injection
|
CVE-2011-5135
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
