|
295281
|
- |
|
magentocommerce
|
magento
|
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle…
|
CWE-20
Improper Input Validation
|
CVE-2011-5240
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295282
|
- |
|
civicrm
|
civicrm
|
CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-midd…
|
CWE-20
Improper Input Validation
|
CVE-2011-5239
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295283
|
- |
|
google
|
checkout-php
|
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which a…
|
CWE-20
Improper Input Validation
|
CVE-2011-5238
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295284
|
- |
|
paypal
|
wps_toolkit
|
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle at…
|
CWE-20
Improper Input Validation
|
CVE-2011-5237
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295285
|
- |
|
moneris
|
eselect_plus
|
Moneris eSelectPlus 2.03 PHP API does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in…
|
CWE-20
Improper Input Validation
|
CVE-2011-5236
|
2024-11-21 10:33 |
2012-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295286
|
- |
|
mnogosearch
|
mnogosearch
|
SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrary SQL commands via the hostname in a hypertext link.
|
CWE-89
SQL Injection
|
CVE-2011-5235
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295287
|
- |
|
scripte24shop
|
social_network_community
|
SQL injection vulnerability in user.php in Social Network Community 2 allows remote attackers to execute arbitrary SQL commands via the userId parameter.
|
CWE-89
SQL Injection
|
CVE-2011-5234
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295288
|
- |
|
irfanview
|
irfanview
|
Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary code via crafted "Rows Per Strip" and "Samples Per Pixel" values in a TIFF image file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-5233
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295289
|
- |
|
seotoaster
|
seotoaster
|
Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/application/models/LoginModel.php in Seotoaster 1.9 and earlier allow remote attackers to execute arb…
|
CWE-89
SQL Injection
|
CVE-2011-5230
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295290
|
- |
|
apprain
|
apprain
|
SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
|
CWE-89
SQL Injection
|
CVE-2011-5229
|
2024-11-21 10:33 |
2012-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
