|
298441
|
- |
|
simon_pamies
|
pywebdav
|
Multiple SQL injection vulnerabilities in the get_userinfo method in the MySQLAuthHandler class in DAVServer/mysqlauth.py in PyWebDAV before 0.9.4.1 allow remote attackers to execute arbitrary SQL co…
|
CWE-89
SQL Injection
|
CVE-2011-0432
|
2024-11-21 10:23 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298442
|
- |
|
hp
|
power_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Power Manager (HPPM) 4.3.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the logType parameter to Content…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0280
|
2024-11-21 10:23 |
2011-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298443
|
- |
|
apple
|
safari
webkit
|
WebKit in Apple Safari before 5.0.4, when the Web Inspector is used, does not properly handle the window.console._inspectorCommandLineAPI property, which allows user-assisted remote attackers to bypa…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0169
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298444
|
- |
|
apple
|
safari
webkit
|
The windows functionality in WebKit in Apple Safari before 5.0.4 allows remote attackers to bypass the Same Origin Policy, and force the upload of arbitrary local files from a client computer, via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0167
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298445
|
- |
|
apple
|
safari
webkit
|
The HTML5 drag and drop functionality in WebKit in Apple Safari before 5.0.4 allows user-assisted remote attackers to bypass the Same Origin Policy and obtain sensitive information via vectors relate…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0166
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298446
|
- |
|
apple
|
safari
webkit
iphone_os
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle unspecified "cached resources," which allows remote attackers to cause a denial of service (resource unavaila…
|
CWE-20
Improper Input Validation
|
CVE-2011-0163
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298447
|
- |
|
apple
|
iphone_os
apple_tv
tvos
|
Wi-Fi in Apple iOS before 4.3 and Apple TV before 4.2 does not properly perform bounds checking for Wi-Fi frames, which allows remote attackers to cause a denial of service (device reset) via unspeci…
|
CWE-20
Improper Input Validation
|
CVE-2011-0162
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298448
|
- |
|
apple
|
safari
webkit
iphone_os
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle the Attr.style accessor, which allows remote attackers to bypass the Same Origin Policy and inject Cascading …
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2011-0161
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298449
|
- |
|
apple
|
safari
webkit
iphone_os
|
WebKit, as used in Apple Safari before 5.0.4 and iOS before 4.3, does not properly handle redirects in conjunction with HTTP Basic Authentication, which might allow remote web servers to capture cred…
|
CWE-20
Improper Input Validation
|
CVE-2011-0160
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298450
|
- |
|
apple
|
iphone_os
|
The Safari Settings feature in Safari in Apple iOS 4.x before 4.3 does not properly implement the clearing of cookies during execution of the Safari application, which might make it easier for remote…
|
CWE-20
Improper Input Validation
|
CVE-2011-0159
|
2024-11-21 10:23 |
2011-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
