|
295261
|
- |
|
autosectools
|
v-cms
|
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extensio…
|
CWE-94
Code Injection
|
CVE-2011-4828
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295262
|
- |
|
autosectools
|
v-cms
|
Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) p parameter to redirect.php and (2) box parame…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4827
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295263
|
- |
|
autosectools
|
v-cms
|
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are…
|
CWE-89
SQL Injection
|
CVE-2011-4826
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295264
|
- |
|
phpletter
phpmyfaq
tinymce
|
ajax_file_and_image_manager
phpmyfaq
tinymce
|
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly …
|
CWE-94
Code Injection
|
CVE-2011-4825
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295265
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in auth_login.php in Cacti before 0.8.7h allows remote attackers to execute arbitrary SQL commands via the login_username parameter.
|
CWE-89
SQL Injection
|
CVE-2011-4824
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295266
|
- |
|
extensionsforjoomla
|
com_vikrealestate
|
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a re…
|
CWE-89
SQL Injection
|
CVE-2011-4823
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295267
|
- |
|
atlassian
|
fisheye
|
Multiple cross-site scripting (XSS) vulnerabilities in the user profile feature in Atlassian FishEye before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) snippets in a u…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4822
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295268
|
- |
|
dolibarr
|
dolibarr_erp\/crm
|
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) index.php, (2) adm…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4814
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295269
|
- |
|
whmcs
|
whmcompletesolution
|
Directory traversal vulnerability in clientarea.php in WHMCompleteSolution (WHMCS) 3.x.x allows remote attackers to read arbitrary files via an invalid action and a ../ (dot dot slash) in the templat…
|
CWE-22
Path Traversal
|
CVE-2011-4813
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295270
|
- |
|
bst
|
bestshoppro
|
Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4812
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
