|
295031
|
- |
|
egroupware
|
egroupware
egroupware_enterprise_line
|
SQL injection vulnerability in phpgwapi/js/dhtmlxtree/samples/with_db/loaddetails.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.201108…
|
CWE-89
SQL Injection
|
CVE-2011-4949
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295032
|
- |
|
egroupware
|
egroupware
egroupware_enterprise_line
|
Directory traversal vulnerability in admin/remote.php in EGroupware Enterprise Line (EPL) before 11.1.20110804-1 and EGroupware Community Edition before 1.8.001.20110805 allows remote attackers to re…
|
CWE-22
Path Traversal
|
CVE-2011-4948
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295033
|
- |
|
e107
|
e107
|
Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert …
|
CWE-352
Origin Validation Error
|
CVE-2011-4947
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295034
|
- |
|
e107
|
e107
|
SQL injection vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to execute arbitrary SQL commands via the user_field parameter.
|
CWE-89
SQL Injection
|
CVE-2011-4946
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295035
|
- |
|
spamtitan
|
spamtitan
|
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow remote attackers or authenticated users to inject arbitrary web script or HTML via the (1) ipaddress o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5150
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295036
|
- |
|
spamtitan
|
spamtitan
|
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5149
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295037
|
- |
|
wasen
|
mod_simplefileupload
|
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2011-5148
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295038
|
- |
|
freewebshop
|
freewebshop
|
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP cod…
|
CWE-94
Code Injection
|
CVE-2011-5147
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295039
|
- |
|
ingumadev
|
bokken
|
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot.
|
CWE-59
Link Following
|
CVE-2011-5146
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295040
|
- |
|
obm
|
open_business_management
|
Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuration information via a direct request to test.php, which calls the phpinfo function.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5144
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
