|
295151
|
- |
|
sitracker
|
support_incident_tracker
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via …
|
CWE-352
Origin Validation Error
|
CVE-2011-5068
|
2024-11-21 10:33 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295152
|
- |
|
sitracker
|
support_incident_tracker
|
move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error…
|
CWE-200
Information Exposure
|
CVE-2011-5067
|
2024-11-21 10:33 |
2012-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295153
|
- |
|
tencent
|
qqpphoto
|
The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a cr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4867
|
2024-11-21 10:33 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295154
|
- |
|
kaixin001
|
kaixin001
|
The Kaixin001 (com.kaixin001.activity) application 1.3.1 and 1.3.3 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a cleartext pass…
|
CWE-200
Information Exposure
|
CVE-2011-4866
|
2024-11-21 10:33 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295155
|
- |
|
tencent
|
microblogpad
wblog
|
The Tencent WBlog (com.tencent.WBlog) 3.3.1 and MicroBlogPad 1.4.0 applications for Android do not properly protect data, which allows remote attackers to read or modify message drafts and search key…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4865
|
2024-11-21 10:33 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295156
|
- |
|
tencent
|
mobileqq
|
The Tencent MobileQQ (com.tencent.mobileqq) application 2.2 for Android does not properly protect data, which allows remote attackers to read or modify messages and a friends list via a crafted appli…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4864
|
2024-11-21 10:33 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295157
|
- |
|
tencent
|
qqpimsecure
|
The Tencent QQPimSecure (com.tencent.qqpimsecure) application 3.0.2 for Android does not properly protect data, which allows remote attackers to read or modify SMS/MMS messages and a contact list via…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4863
|
2024-11-21 10:33 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295158
|
- |
|
atvise
|
atvise
|
Unspecified vulnerability in the server in Certec EDV atvise before 2.1 allows remote attackers to cause a denial of service (daemon crash) via crafted requests to TCP port 4840.
|
NVD-CWE-noinfo
|
CVE-2011-4873
|
2024-11-21 10:33 |
2012-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295159
|
- |
|
ibm
|
websphere_application_server
|
The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 does not properly handle a Service Integration Bus (SIB) dump o…
|
CWE-200
Information Exposure
|
CVE-2011-5066
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295160
|
- |
|
ibm
|
websphere_application_server
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 allows remote attackers to inject arbitrary web script or HTML via vectors related to web messag…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5065
|
2024-11-21 10:33 |
2012-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
