|
301571
|
- |
|
michael_hudson-doyle
|
loggerhead
|
Cross-site scripting (XSS) vulnerability in templatefunctions.py in Loggerhead before 1.18.1 allows remote authenticated users to inject arbitrary web script or HTML via a filename, which is not prop…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0728
|
2024-11-21 10:24 |
2011-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301572
|
- |
|
adminofsystem
|
wp_related_posts
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration screen in wp-relatedposts.php in the WP Related Posts plugin 1.0 for WordPress allow remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2011-0760
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301573
|
- |
|
symantec
|
liveupdate_administrator
|
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests…
|
CWE-352
Origin Validation Error
|
CVE-2011-0545
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301574
|
- |
|
google
|
picasa
|
Untrusted search path vulnerability in the Locate on Disk feature in Google Picasa before 3.8 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
|
NVD-CWE-Other
|
CVE-2011-0458
|
2024-11-21 10:24 |
2011-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301575
|
- |
|
blaenkdenum
|
wp-recaptcha
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the configuration page in the Recaptcha (aka WP-reCAPTCHA) plugin 2.9.8.2 for WordPress allow remote attackers to hijack the authenticati…
|
CWE-352
Origin Validation Error
|
CVE-2011-0759
|
2024-11-21 10:24 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301576
|
- |
|
php
|
php
|
exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0708
|
2024-11-21 10:24 |
2011-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301577
|
- |
|
nazgul
|
nostromo
|
Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in …
|
CWE-22
Path Traversal
|
CVE-2011-0751
|
2024-11-21 10:24 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301578
|
- |
|
sugarcrm
|
sugarcrm
|
SugarCRM before 6.1.3 does not properly handle reloads and direct requests for a warning page produced by a certain duplicate check, which allows remote authenticated users to discover (1) the names …
|
CWE-20
Improper Input Validation
|
CVE-2011-0745
|
2024-11-21 10:24 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301579
|
- |
|
emc
|
avamar
|
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-0648
|
2024-11-21 10:24 |
2011-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301580
|
- |
|
linux
redhat
canonical
|
linux_kernel
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_desktop
enterprise_linux_server_aus
enterprise_linux_eus
ubuntu_linux
|
Race condition in the cm_work_handler function in the InfiniBand driver (drivers/infiniband/core/cma.c) in Linux kernel 2.6.x allows remote attackers to cause a denial of service (panic) by sending a…
|
CWE-362
Race Condition
|
CVE-2011-0695
|
2024-11-21 10:24 |
2011-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
