|
298151
|
- |
|
pivotx
|
pivotx
|
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0773
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298152
|
- |
|
pivotx
|
pivotx
|
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0772
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298153
|
- |
|
janrain
|
rpx
|
The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and p…
|
CWE-20
Improper Input Validation
|
CVE-2011-0771
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298154
|
- |
|
tibco
|
rendezvous
enterprise_message_service
runtime_agent
silver_bpm_service
silver_cap_service
silver_businessworks_service
|
Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before …
|
NVD-CWE-noinfo
|
CVE-2011-0649
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298155
|
- |
|
mediawiki
|
mediawiki
|
Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly No…
|
CWE-22
Path Traversal
|
CVE-2011-0537
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298156
|
- |
|
plone
redhat
|
plone
conga
luci
|
Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and…
|
NVD-CWE-noinfo
|
CVE-2011-0720
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298157
|
- |
|
lockon
|
ec-cube
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) data/Smarty/templates/default/list.tpl and (2) data/Smarty/templates/default/campaign/bloc/cart_tag.tpl in EC-CUBE before 2.4.4 allow remote…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0451
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298158
|
- |
|
ibm
|
db2
|
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DBADM authority, which allows remote authenticated users to execute non-DDL state…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0757
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298159
|
- |
|
linux
|
linux_kernel
|
The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel before 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0521
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298160
|
- |
|
php
|
php
|
Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, a…
|
CWE-189
Numeric Errors
|
CVE-2011-0755
|
2024-11-21 10:24 |
2011-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
