|
295391
|
- |
|
wasen
|
mod_simplefileupload
|
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2011-5148
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295392
|
- |
|
freewebshop
|
freewebshop
|
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP cod…
|
CWE-94
Code Injection
|
CVE-2011-5147
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295393
|
- |
|
ingumadev
|
bokken
|
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot.
|
CWE-59
Link Following
|
CVE-2011-5146
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295394
|
- |
|
obm
|
open_business_management
|
Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuration information via a direct request to test.php, which calls the phpinfo function.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5144
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295395
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.3.20 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_name, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5143
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295396
|
- |
|
obm
|
open_business_management
|
Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id o…
|
CWE-89
SQL Injection
|
CVE-2011-5145
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295397
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_dele…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5142
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295398
|
- |
|
obm
|
open_business_management
|
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local fi…
|
CWE-22
Path Traversal
|
CVE-2011-5141
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295399
|
- |
|
diy-cms
|
blog
|
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index…
|
CWE-89
SQL Injection
|
CVE-2011-5140
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295400
|
- |
|
preprojects
|
business_cards_designer
|
SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5139
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
