|
296611
|
- |
|
pmwiki
|
pmwiki
|
The PageListSort function in scripts/pagelist.php in PmWiki 2.x before 2.2.35 allows remote attackers to execute arbitrary code via PHP sequences in a crafted order parameter in a pagelist directive,…
|
CWE-94
Code Injection
|
CVE-2011-4453
|
2024-11-21 10:32 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296612
|
- |
|
moodle
|
moodle
|
CRLF injection vulnerability in calendar/set.php in the Calendar component in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, 2.1.x before 2.1.3, and 2.2 allows remote attackers to inject arbitrary H…
|
CWE-94
Code Injection
|
CVE-2011-4203
|
2024-11-21 10:32 |
2011-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296613
|
- |
|
zftpserver
|
zftpserver_suite
|
Directory traversal vulnerability in zFTPServer Suite 6.0.0.52 allows remote authenticated users to delete arbitrary directories via a crafted RMD (aka rmdir) command.
|
CWE-22
Path Traversal
|
CVE-2011-4717
|
2024-11-21 10:32 |
2011-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296614
|
- |
|
unbound
|
unbound
|
Unbound before 1.4.13p2 attempts to free unallocated memory during processing of duplicate CNAME records in a signed zone, which allows remote DNS servers to cause a denial of service (daemon crash) …
|
CWE-399
Resource Management Errors
|
CVE-2011-4528
|
2024-11-21 10:32 |
2011-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296615
|
- |
|
pidgin
|
pidgin
|
The silc_channel_message function in ops.c in the SILC protocol plugin in libpurple in Pidgin before 2.10.1 does not perform the expected UTF-8 validation on message data, which allows remote attacke…
|
CWE-20
Improper Input Validation
|
CVE-2011-4603
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296616
|
- |
|
pidgin
|
pidgin
|
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of …
|
CWE-20
Improper Input Validation
|
CVE-2011-4602
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296617
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 1…
|
NVD-CWE-noinfo
|
CVE-2011-4369
|
2024-11-21 10:32 |
2011-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296618
|
- |
|
parallels
|
parallels_plesk_panel
|
Cross-site scripting (XSS) vulnerability in the Site Editor (aka SiteBuilder) feature in Parallels Plesk Panel 10.4.4_build20111103.18 allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4777
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296619
|
- |
|
parallels
|
parallels_plesk_panel
|
Multiple cross-site scripting (XSS) vulnerabilities in the Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 allow remote attackers to inject arbitrary web script or HTML via crafted inp…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4776
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296620
|
- |
|
parallels
|
parallels_plesk_small_business_panel
|
The Site Editor (aka SiteBuilder) feature in Parallels Plesk Small Business Panel 10.2.0 omits the Content-Type header's charset parameter for certain resources, which might allow remote attackers to…
|
NVD-CWE-Other
|
CVE-2011-4768
|
2024-11-21 10:32 |
2011-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
