|
294411
|
- |
|
elitecore
|
cyberoam_unified_threat_management
|
SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via th…
|
CWE-89
SQL Injection
|
CVE-2011-5050
|
2024-11-21 10:33 |
2012-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294412
|
- |
|
-
|
-
|
MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted packet to TCP port 3306.
|
CWE-399
Resource Management Errors
|
CVE-2011-5049
|
2024-11-21 10:33 |
2012-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294413
|
- |
|
e107
|
e107
|
SQL injection vulnerability in usersettings.php in e107 0.7.26, and possibly other versions before 1.0.0, allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
CWE-89
SQL Injection
|
CVE-2011-4921
|
2024-11-21 10:33 |
2012-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294414
|
- |
|
e107
|
e107
|
Multiple cross-site scripting (XSS) vulnerabilities in e107 0.7.26, and other versions before 1.0.0, allow remote attackers to inject arbitrary web script or HTML via the URL to (1) e107_images/thumb…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4920
|
2024-11-21 10:33 |
2012-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294415
|
- |
|
ibm
|
web_experience_factory
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly WebSphere Portlet Factory) 7.0 and 7.0.1 allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2011-5048
|
2024-11-21 10:33 |
2012-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294416
|
- |
|
pfsense
|
pfsense
|
Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remote attackers to inject arbitrary web script or HTML via the style parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5047
|
2024-11-21 10:33 |
2012-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294417
|
- |
|
microsoft
|
windows_xp
windows_server_2008
windows_7
windows_server_2003
windows_vista
|
The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, …
|
CWE-20
Improper Input Validation
|
CVE-2011-5046
|
2024-11-21 10:33 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294418
|
- |
|
jjwdesign
|
php_booking_calendar
|
Cross-site scripting (XSS) vulnerability in details_view.php in PHP Booking Calendar 10e allows remote attackers to inject arbitrary web script or HTML via the page_info_message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5045
|
2024-11-21 10:33 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294419
|
- |
|
sopcast
|
sopcast
|
SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows local users to execute arbitrary code by replacing Diagnose.exe with a Trojan horse program.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5044
|
2024-11-21 10:33 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294420
|
- |
|
tomatosoft
|
free_mp3_player
|
TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a denial of service (application crash) via a long string in an MP3 file, possibly a buffer overflow.
|
CWE-20
Improper Input Validation
|
CVE-2011-5043
|
2024-11-21 10:33 |
2011-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
