|
293651
|
- |
|
wondercms
|
wondercms
|
Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS before 0.4 allows remote attackers to inject arbitrary web script or HTML via the content parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5317
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293652
|
- |
|
cambio_project
|
cambio
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentia…
|
CWE-352
Origin Validation Error
|
CVE-2011-5316
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293653
|
- |
|
whcms_project
|
whcms
|
Cross-site request forgery (CSRF) vulnerability in admin/index.php in whCMS 0.115 alpha allows remote attackers to hijack the authentication of administrators for requests that modify credentials via…
|
CWE-352
Origin Validation Error
|
CVE-2011-5315
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293654
|
- |
|
redaxscript
|
redaxscript
|
templates/default/index.php in Redaxscript 0.3.2 allows remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
|
CWE-200
Information Exposure
|
CVE-2011-5314
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293655
|
- |
|
redaxscript
|
redaxscript
|
Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote attackers to execute arbitrary SQL commands via the (1) id or (2) password parameter to the password_…
|
CWE-89
SQL Injection
|
CVE-2011-5313
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293656
|
- |
|
gollos
|
gollos
|
Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 allow remote attackers to inject arbitrary web script or HTML via the returnurl parameter to (1) register.aspx, (2) publication/info.…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5312
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293657
|
- |
|
cherry-design
|
wikipad
|
Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the data[text] …
|
CWE-352
Origin Validation Error
|
CVE-2011-5311
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293658
|
- |
|
cherry-design
|
wikipad
|
Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter.
|
CWE-22
Path Traversal
|
CVE-2011-5310
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293659
|
- |
|
cherry-design
|
wikipad
|
Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-5309
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293660
|
- |
|
cdnvote_project
|
cdnvote
|
Multiple SQL injection vulnerabilities in cdnvote-post.php in the cdnvote plugin before 0.4.2 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) cdnvote_post_id or (2)…
|
CWE-89
SQL Injection
|
CVE-2011-5308
|
2024-11-21 10:34 |
2015-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
