|
295051
|
- |
|
widgetfactorylimited
|
com_jce
|
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arb…
|
NVD-CWE-Other
|
CVE-2011-5134
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295052
|
- |
|
mybb
|
mybb
|
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."
|
NVD-CWE-noinfo
|
CVE-2011-5133
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295053
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX."
|
CWE-79
Cross-site Scripting
|
CVE-2011-5132
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295054
|
- |
|
mybb
|
mybb
|
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the …
|
CWE-352
Origin Validation Error
|
CVE-2011-5131
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295055
|
- |
|
haudenschilt
|
family_connections_cms
|
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
|
CWE-94
Code Injection
|
CVE-2011-5130
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295056
|
- |
|
xchat
|
xchat
|
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5129
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295057
|
- |
|
bueltge
|
adminimize
|
Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordPress allow remote attackers to inject arbitrary web script or HTML via the page parameter to (1) in…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5128
|
2024-11-21 10:33 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295058
|
- |
|
bueltge
|
adminimize
|
Cross-site scripting (XSS) vulnerability in adminimize/adminimize_page.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4926
|
2024-11-21 10:33 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295059
|
- |
|
elxis
|
elxis_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Elxis CMS 2009.2, 2009.3 and 2009.3 Aphrodite before revision 2684 allow remote attackers to inject arbitrary web script or HTML via the (1) tas…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4918
|
2024-11-21 10:33 |
2012-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295060
|
- |
|
python
|
python
|
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them after data has been written, which introduces a race condition that allows local users to obtain a userna…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4944
|
2024-11-21 10:33 |
2012-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
