|
296321
|
- |
|
yaws
|
yaws
|
Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remote attackers to inject arbitrary web script or HTML via (1) the tag parameter to editTag.yaws, (2) t…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5025
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296322
|
- |
|
gnu
|
mailman
|
Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch for Mailman allows remote attackers to inject arbitrary web script or HTML via the config parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5024
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296323
|
- |
|
pligg
|
pligg_cms
|
Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the search program, a different vulnerability than CVE-…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5023
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296324
|
- |
|
pligg
|
pligg_cms
|
SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbitrary SQL commands via the status parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5022
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296325
|
- |
|
winn
|
winn_guestbook
|
Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn GuestBook before 2.4.8d allows remote attackers to inject arbitrary web script or HTML via the name para…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5026
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296326
|
- |
|
phpids
|
phpids
|
PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, which allows remote attackers to bypass rulesets and add PHP sequences to a file via unspecified ve…
|
CWE-94
Code Injection
|
CVE-2011-5021
|
2024-11-21 10:33 |
2011-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296327
|
- |
|
attachmate
|
reflection_2011r1
reflection_2008r2
reflection_2008
reflection
reflection_2008r1
|
Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other versions), as used in Attachmate Reflection 2008, Reflection 2011 R1 before 15.3.2.569 and R1 SP1 bef…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5012
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296328
|
- |
|
xt-commerce
|
xt-commerce
|
Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly earlier allow remote attackers to hijack the authentication of Admins for requests that (1) set a Ne…
|
CWE-352
Origin Validation Error
|
CVE-2011-5011
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296329
|
- |
|
ctekproducts
|
skyrouter
|
apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbitrary commands via shell metacharacters in the PINGADDRESS parameter for a "u" action.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5010
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296330
|
- |
|
3ssoftware
|
codesys
|
The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to cause a denial of service (NULL pointer dereference) via (1) a crafted Content-Length in an…
|
NVD-CWE-Other
|
CVE-2011-5009
|
2024-11-21 10:33 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
