|
295631
|
- |
|
sap
|
crystal_reports_server
|
Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4805
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295632
|
- |
|
foobla
|
com_obsuggest
|
Directory traversal vulnerability in the obSuggest (com_obsuggest) component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to i…
|
CWE-22
Path Traversal
|
CVE-2011-4804
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295633
|
- |
|
bravenewcode
|
wptouch
|
SQL injection vulnerability in wptouch/ajax.php in the WPTouch plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2011-4803
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295634
|
- |
|
dolibarr
|
dolibarr_erp\/crm
|
Multiple SQL injection vulnerabilities in Dolibarr 3.1.0 RC and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sortfield, (2) sortorder, and (3) sall …
|
CWE-89
SQL Injection
|
CVE-2011-4802
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295635
|
- |
|
authenex
|
authenex_strong_authentication_system_server
|
SQL injection vulnerability in akeyActivationLogin.do in Authenex Web Management Control in Authenex Strong Authentication System (ASAS) Server 3.1.0.2 and 3.1.0.3 allows remote attackers to execute …
|
CWE-89
SQL Injection
|
CVE-2011-4801
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295636
|
- |
|
solarwinds
|
serv-u_file_server
|
Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (do…
|
CWE-22
Path Traversal
|
CVE-2011-4800
|
2024-11-21 10:33 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295637
|
9.8 |
CRITICAL
Network
|
polarssl
|
polarssl
|
PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its heart, this uses timing information based on the processor's high resolution timer (the RDTSC instruction). T…
|
-
|
CVE-2011-4574
|
2024-11-21 10:32 |
2021-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295638
|
5.3 |
MEDIUM
Network
|
lexmark
|
x860_firmware
x862_firmware
x864_firmware
x734_firmware
x736_firmware
x738_firmware
x651_firmware
x652_firmware
x654_firmware
x656_firmware
x658_firmware
x543_firmwar…
|
Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings.
|
CWE-200
Information Exposure
|
CVE-2011-4538
|
2024-11-21 10:32 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295639
|
7.8 |
HIGH
Local
|
shaman_project
|
shaman
|
Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. The next time shaman is run, root privileges are granted despite the fact t…
|
CWE-287
Improper Authentication
|
CVE-2011-4338
|
2024-11-21 10:32 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295640
|
7.5 |
HIGH
Network
|
cisco
|
ios
|
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2011-4661
|
2024-11-21 10:32 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
