|
299321
|
- |
|
phpcms
|
phpcms_2008
|
SQL injection vulnerability in data.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the where_time parameter in a get action.
|
CWE-89
SQL Injection
|
CVE-2011-0645
|
2024-11-21 10:24 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299322
|
- |
|
phpcms
|
phpcms_2008
|
SQL injection vulnerability in include/admin/model_field.class.php in PHPCMS 2008 V2 allows remote attackers to execute arbitrary SQL commands via the modelid parameter to flash_upload.php.
|
CWE-89
SQL Injection
|
CVE-2011-0644
|
2024-11-21 10:24 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299323
|
- |
|
phplinkdirectory
|
php_link_directory
|
Cross-site request forgery (CSRF) vulnerability in admin/conf_users_edit.php in PHP Link Directory (phpLD) 4.1.0 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2011-0643
|
2024-11-21 10:24 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299324
|
- |
|
network-13
|
n-13_news
|
Cross-site request forgery (CSRF) vulnerability in news/admin.php in N-13 News 3.4, 3.7, and 4.0 allows remote attackers to hijack the authentication of administrators for requests that create new us…
|
CWE-352
Origin Validation Error
|
CVE-2011-0642
|
2024-11-21 10:24 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299325
|
- |
|
heart5
|
statpresscn
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-admin/admin.php in the StatPressCN plugin 1.9.0 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) what1…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0641
|
2024-11-21 10:24 |
2011-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299326
|
- |
|
udev_project
|
udev
|
The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbit…
|
NVD-CWE-noinfo
|
CVE-2011-0640
|
2024-11-21 10:24 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299327
|
- |
|
apple
|
mac_os_x
|
Apple Mac OS X does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via c…
|
CWE-16
Configuration
|
CVE-2011-0639
|
2024-11-21 10:24 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299328
|
- |
|
microsoft
|
windows
|
Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs vi…
|
CWE-16
Configuration
|
CVE-2011-0638
|
2024-11-21 10:24 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299329
|
- |
|
ibm
|
aix
|
The FC SCSI protocol driver in IBM AIX 6.1 does not verify that a timer is unused before deallocating this timer, which might allow attackers to cause a denial of service (system crash) via unspecifi…
|
NVD-CWE-noinfo
|
CVE-2011-0637
|
2024-11-21 10:24 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299330
|
- |
|
nvidia
|
cuda_toolkit
|
The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows…
|
CWE-200
Information Exposure
|
CVE-2011-0636
|
2024-11-21 10:24 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
