|
298371
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in Mahara before 1.3.6 allows remote authenticated users to inject arbitrary web script or HTML via vectors associated with HTML e-mail messages, related to a…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1405
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298372
|
- |
|
mahara
|
mahara
|
Mahara before 1.3.6 does not properly restrict the data in responses to AJAX calls, which allows remote authenticated users to obtain sensitive information via a request associated with (1) blocktype…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1404
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298373
|
- |
|
mahara
|
mahara
|
Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form,…
|
CWE-352
Origin Validation Error
|
CVE-2011-1403
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298374
|
- |
|
mahara
|
mahara
|
Mahara before 1.3.6 allows remote authenticated users to bypass intended access restrictions, and suspend a user account, edit a view, visit a view, edit a plan artefact, read a plans block, read a p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1402
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298375
|
- |
|
fon
|
la_fonera\+_firmware
la_fonera\+
|
Unspecified vulnerability on the La Fonera+ router with firmware before 1.7.0.1 allows remote attackers to cause a denial of service via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2011-1326
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298376
|
- |
|
hp
|
palm_webos
|
HP Palm webOS 1.4.5 and 1.4.5.1 does not properly restrict Plug-in Development Kit (PDK) applications, which allows local users to gain privileges by leveraging unintended filesystem write access.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1738
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298377
|
- |
|
hp
|
palm_webos
|
Multiple cross-site scripting (XSS) vulnerabilities in the Email application in HP Palm webOS 1.4.5 and 1.4.5.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1737
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298378
|
- |
|
postfix
|
postfix
|
The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server han…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1720
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298379
|
- |
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2011-1325
|
2024-11-21 10:26 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298380
|
- |
|
linux
|
linux_kernel
|
The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer…
|
CWE-476
NULL Pointer Dereference
|
CVE-2011-1748
|
2024-11-21 10:26 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
