|
295401
|
- |
|
tforum
|
tforum
|
Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a viewprofile action.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5138
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295402
|
- |
|
tforum
|
tforum
|
Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary SQL commands via the (1) TopicID parameter to viewtopic.php, the (2) BoardID parameter to viewboard…
|
CWE-89
SQL Injection
|
CVE-2011-5137
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295403
|
- |
|
epractizelabs
|
subscription_manager
|
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.
|
CWE-20
Improper Input Validation
|
CVE-2011-5136
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295404
|
- |
|
docebo
|
docebolms
|
Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the iotask module in DoceboLMS 4.0.4 and earlier allow remote authenticated users with admin or teacher…
|
CWE-89
SQL Injection
|
CVE-2011-5135
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295405
|
- |
|
widgetfactorylimited
|
com_jce
|
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arb…
|
NVD-CWE-Other
|
CVE-2011-5134
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295406
|
- |
|
mybb
|
mybb
|
Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list."
|
NVD-CWE-noinfo
|
CVE-2011-5133
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295407
|
- |
|
mybb
|
mybb
|
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "usernames via AJAX."
|
CWE-79
Cross-site Scripting
|
CVE-2011-5132
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295408
|
- |
|
mybb
|
mybb
|
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the …
|
CWE-352
Origin Validation Error
|
CVE-2011-5131
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295409
|
- |
|
haudenschilt
|
family_connections_cms
|
dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allows remote attackers to execute arbitrary commands via shell metacharacters in the argv[1] parameter.
|
CWE-94
Code Injection
|
CVE-2011-5130
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295410
|
- |
|
xchat
|
xchat
|
Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5129
|
2024-11-21 10:33 |
2012-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
