|
298831
|
- |
|
linux
|
util-linux
|
mount in util-linux 2.19 and earlier does not remove the /etc/mtab.tmp file after a failed attempt to add a mount entry, which allows local users to trigger corruption of the /etc/mtab file via multi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1676
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298832
|
- |
|
linux
|
util-linux
|
mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the…
|
CWE-399
Resource Management Errors
|
CVE-2011-1675
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298833
|
- |
|
netgear
|
prosafe_wnap210
prosafe_wnap210_firmware
|
The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php.
|
CWE-287
Improper Authentication
|
CVE-2011-1674
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298834
|
- |
|
netgear
|
prosafe_wnap210
prosafe_wnap210_firmware
|
BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file.
|
CWE-310
Cryptographic Issues
|
CVE-2011-1673
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298835
|
- |
|
dell
|
kace_k2000_systems_deployment_appliance
|
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (…
|
CWE-200
Information Exposure
|
CVE-2011-1672
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298836
|
- |
|
getontracks
|
tracks
|
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO …
|
CWE-79
Cross-site Scripting
|
CVE-2011-1671
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298837
|
- |
|
a.kulikov
|
interra_blog_machine
|
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1670
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298838
|
- |
|
mikoviny
|
wp_custom_pages
|
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the u…
|
CWE-22
Path Traversal
|
CVE-2011-1669
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298839
|
- |
|
awcm-cms
|
ar_web_content_manager
|
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the se…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1668
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298840
|
- |
|
xmedien
|
anzeigenmarkt
|
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
|
CWE-89
SQL Injection
|
CVE-2011-1667
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
