|
294481
|
- |
|
hp
|
application_lifestyle_management
|
The GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tm…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4834
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294482
|
- |
|
sugarcrm
|
sugarcrm
|
Multiple SQL injection vulnerabilities in the Leads module in SugarCRM 6.1 before 6.1.7, 6.2 before 6.2.4, 6.3 before 6.3.0RC3, and 6.4 before 6.4.0beta1 allow remote attackers to execute arbitrary S…
|
CWE-89
SQL Injection
|
CVE-2011-4833
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294483
|
- |
|
caupo
|
cauposhop_pro
cauposhop_classic
|
Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the template p…
|
CWE-22
Path Traversal
|
CVE-2011-4832
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294484
|
- |
|
david_azoulay
|
web_file_browser
|
Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a d…
|
CWE-22
Path Traversal
|
CVE-2011-4831
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294485
|
- |
|
barter-sites
|
com_listing
|
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4830
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294486
|
- |
|
barter-sites
|
com_listing
|
SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2011-4829
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294487
|
- |
|
autosectools
|
v-cms
|
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extensio…
|
CWE-94
Code Injection
|
CVE-2011-4828
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294488
|
- |
|
autosectools
|
v-cms
|
Multiple cross-site scripting (XSS) vulnerabilities in AutoSec Tools V-CMS 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) p parameter to redirect.php and (2) box parame…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4827
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294489
|
- |
|
autosectools
|
v-cms
|
SQL injection vulnerability in session.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to process.php. NOTE: some of these details are…
|
CWE-89
SQL Injection
|
CVE-2011-4826
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294490
|
- |
|
phpletter
phpmyfaq
tinymce
|
ajax_file_and_image_manager
phpmyfaq
tinymce
|
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly …
|
CWE-94
Code Injection
|
CVE-2011-4825
|
2024-11-21 10:33 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
