|
298481
|
- |
|
emc
|
networker
|
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1421
|
2024-11-21 10:26 |
2011-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298482
|
- |
|
redmine
|
redmine
|
Cross-site scripting (XSS) vulnerability in app/views/layouts/base.rhtml in Redmine 1.0.1 through 1.1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to projects/hg…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1723
|
2024-11-21 10:26 |
2011-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298483
|
- |
|
webempoweredchurch
|
wec_discussion
|
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors,…
|
CWE-89
SQL Injection
|
CVE-2011-1722
|
2024-11-21 10:26 |
2011-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298484
|
- |
|
obspm
|
webjaxe
|
Cross-site request forgery (CSRF) vulnerability in php/partie_administrateur/administration.php in WebJaxe 1.02 allows remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2011-1721
|
2024-11-21 10:26 |
2011-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298485
|
- |
|
skype
|
skype_for_android
|
Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of bir…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1717
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298486
|
- |
|
xymon
|
xymon
|
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1716
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298487
|
- |
|
qooxdoo
|
qooxdoo
|
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remo…
|
CWE-22
Path Traversal
|
CVE-2011-1715
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298488
|
- |
|
qooxdoo
|
qooxdoo
|
Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1714
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298489
|
- |
|
otrs
|
otrs
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.4.x before 2.4.10 and 3.x before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1518
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298490
|
- |
|
nicholas_marriott
|
tmux
|
tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1496
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
