|
301701
|
- |
|
modxcms
|
evolution
|
Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0741
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301702
|
- |
|
pleer
|
rss_feed_reader
|
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in RSS Feed Reader 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url para…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0740
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301703
|
- |
|
mikel_lindsaar
|
mail
|
The deliver function in the sendmail delivery agent (lib/mail/network/delivery_methods/sendmail.rb) in Ruby Mail gem 2.2.14 and earlier allows remote attackers to execute arbitrary commands via shell…
|
CWE-20
Improper Input Validation
|
CVE-2011-0739
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301704
|
- |
|
ncsa
globus
|
myproxy
globus_toolkit
|
MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote …
|
CWE-20
Improper Input Validation
|
CVE-2011-0738
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301705
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 9.0.1 CHF1 and earlier allows remote attackers to obtain sensitive information via an id=- query to a .cfm file, which reveals the installation path in an error message. NOTE: the v…
|
CWE-200
Information Exposure
|
CVE-2011-0737
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301706
|
- |
|
adobe
|
coldfusion
|
Adobe ColdFusion 9.0.1 CHF1 and earlier, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id…
|
CWE-200
Information Exposure
|
CVE-2011-0736
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301707
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via vectors involving a "tag script."
|
CWE-79
Cross-site Scripting
|
CVE-2011-0735
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301708
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via an id parameter containing a JavaScript onLoad event …
|
CWE-79
Cross-site Scripting
|
CVE-2011-0734
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301709
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion before 9.0.1 CHF1 allows remote attackers to inject arbitrary web script or HTML via the User-Agent HTTP header in an id=- query to a .cfm…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0733
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301710
|
- |
|
ibm
|
tivoli_integrated_portal
tivoli_common_reporting
|
Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, re…
|
NVD-CWE-noinfo
|
CVE-2011-0732
|
2024-11-21 10:24 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
