|
296011
|
6.1 |
MEDIUM
Network
|
bsuite_project
|
bsuite
|
Multiple cross-site scripting (XSS) vulnerabilities in ui_stats.php in the bSuite plugin before 5 alpha 3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s or …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4955
|
2024-11-21 10:33 |
2017-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296012
|
- |
|
cobbler_project
|
cobbler
|
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of th…
|
CWE-20
Improper Input Validation
|
CVE-2011-4953
|
2024-11-21 10:33 |
2014-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296013
|
- |
|
imperva
|
securesphere_web_application_firewall
|
Cross-site scripting (XSS) vulnerability in the Violations Table in the management GUI in the MX Management Server in Imperva SecureSphere Web Application Firewall (WAF) 9.0 allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4887
|
2024-11-21 10:33 |
2014-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296014
|
- |
|
dlink
|
dir-601_firmware
dir-601
|
Directory traversal vulnerability in the TFTP server in D-Link DIR-601 Wireless N150 Home Router with firmware 1.02NA allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4821
|
2024-11-21 10:33 |
2014-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296015
|
- |
|
intersectalliance
|
system_intrusion_analysis_and_reporting_environment
|
Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Reporting Environment (SNARE) for Linux agent before 1.7.0 allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5249
|
2024-11-21 10:33 |
2014-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296016
|
- |
|
disk_pool_manager_project
|
disk_pool_manager
|
Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in EGI UDM, allow remote attackers to execute arbitrary SQL commands via the (1) r_token variable in the dp…
|
CWE-89
SQL Injection
|
CVE-2011-4970
|
2024-11-21 10:33 |
2014-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296017
|
- |
|
silverstripe
|
silverstripe
|
Cross-site scripting (XSS) vulnerability in the process function in SSViewer.php in SilverStripe before 2.3.13 and 2.4.x before 2.4.6 allows remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4958
|
2024-11-21 10:33 |
2014-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296018
|
- |
|
condor_project
fedoraproject
redhat
|
condor
fedora
enterprise_mrg
|
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2011-4930
|
2024-11-21 10:33 |
2014-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296019
|
- |
|
memcached
|
memcached
|
Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and ea…
|
CWE-189
Numeric Errors
|
CVE-2011-4971
|
2024-11-21 10:33 |
2013-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296020
|
- |
|
freeradius
|
freeradius
|
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenti…
|
CWE-255
Credentials Management
|
CVE-2011-4966
|
2024-11-21 10:33 |
2013-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
