|
295641
|
7.2 |
HIGH
Network
|
tiki
|
tiki
|
Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters.
|
CWE-74
Injection
|
CVE-2011-4558
|
2024-11-21 10:32 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295642
|
7.5 |
HIGH
Network
|
websitebaker
|
websitebaker
|
websitebaker prior to and including 2.8.1 has an authentication error in backup module.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2011-4322
|
2024-11-21 10:32 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295643
|
6.1 |
MEDIUM
Network
|
tiki
|
tikiwiki_cms\/groupware
|
Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4336
|
2024-11-21 10:32 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295644
|
6.1 |
MEDIUM
Network
|
caseproof
|
pretty_link
|
Pretty-Link WordPress plugin 1.5.2 has XSS
|
CWE-79
Cross-site Scripting
|
CVE-2011-4595
|
2024-11-21 10:32 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295645
|
7.5 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles.
|
CWE-20
Improper Input Validation
|
CVE-2011-4310
|
2024-11-21 10:32 |
2019-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295646
|
6.5 |
MEDIUM
Network
|
yaws
debian
|
yaws
debian_linux
|
Yaws 1.91 has a directory traversal vulnerability in the way certain URLs are processed. A remote authenticated user could use this flaw to obtain content of arbitrary local files via specially-craft…
|
CWE-22
Path Traversal
|
CVE-2011-4350
|
2024-11-21 10:32 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295647
|
6.1 |
MEDIUM
Network
|
tiki
|
tiki
|
Multiple cross-site scripting vulnerabilities in Tiki 7.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-admin_system.php, (2) tiki-pagehistor…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4455
|
2024-11-21 10:32 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295648
|
6.1 |
MEDIUM
Network
|
tiki
|
tiki
|
Multiple cross-site scripting vulnerabilities in Tiki 8.0 RC1 and earlier allow remote attackers to inject arbitrary web script or HTML via the path info to (1) tiki-remind_password.php, (2) tiki-ind…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4454
|
2024-11-21 10:32 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295649
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the tcemain flash message.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4632
|
2024-11-21 10:32 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295650
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to inject arbitrary web script or HTML via the system extension recycler.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4631
|
2024-11-21 10:32 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
