|
301341
|
- |
|
pixelpost
|
pixelpost
|
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) select…
|
CWE-89
SQL Injection
|
CVE-2011-1100
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301342
|
- |
|
redhat
|
policycoreutils
enterprise_linux
fedora
|
The seunshare_mount function in sandbox/seunshare.c in seunshare in certain Red Hat packages of policycoreutils 2.0.83 and earlier in Red Hat Enterprise Linux (RHEL) 6 and earlier, and Fedora 14 and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1011
|
2024-11-21 10:25 |
2011-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301343
|
- |
|
microsoft
|
windows_azure_sdk
|
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS and a Web Role are used with an ASP.NET application, does not properly support the use of cookies for…
|
CWE-20
Improper Input Validation
|
CVE-2011-1068
|
2024-11-21 10:25 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301344
|
- |
|
fedoraproject
|
389_directory_server
|
slapd (aka ns-slapd) in 389 Directory Server before 1.2.8.a2 does not properly manage the c_timelimit field of the connection table element, which allows remote attackers to cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2011-1067
|
2024-11-21 10:25 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301345
|
- |
|
clamav
|
clamav
|
Double free vulnerability in the vba_read_project_strings function in vba_extract.c in libclamav in ClamAV before 0.97 might allow remote attackers to execute arbitrary code via crafted Visual Basic …
|
CWE-399
Resource Management Errors
|
CVE-2011-1003
|
2024-11-21 10:25 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301346
|
- |
|
linux
|
linux_kernel
|
mm/huge_memory.c in the Linux kernel before 2.6.38-rc5 does not prevent creation of a transparent huge page (THP) during the existence of a temporary stack for an exec system call, which allows local…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2011-0999
|
2024-11-21 10:25 |
2011-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301347
|
- |
|
reyero
|
messaging
|
Cross-site scripting (XSS) vulnerability in the Messaging module 6.x-2.x before 6.x-2.4 and 6.x-4.x before 6.x-4.0-beta8 for Drupal allows remote attackers with administer messaging permissions to in…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1066
|
2024-11-21 10:25 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301348
|
- |
|
pipi
|
pipi_player
|
Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) Play…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1065
|
2024-11-21 10:25 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301349
|
- |
|
qibosoft
|
qi_bo_cms
|
SQL injection vulnerability in member/list.php in qibosoft Qi Bo CMS 7 allows remote attackers to execute arbitrary SQL commands via the aidDB[] parameter.
|
CWE-89
SQL Injection
|
CVE-2011-1064
|
2024-11-21 10:25 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301350
|
- |
|
cherry-software
|
photopad
|
Multiple cross-site scripting (XSS) vulnerabilities in Cherry-Design Photopad 1.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id or (2) data[title] parameters in an ed…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1063
|
2024-11-21 10:25 |
2011-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
