|
300221
|
- |
|
webempoweredchurch
|
wec_discussion
|
Multiple SQL injection vulnerabilities in WEC Discussion Forum (wec_discussion) extension 2.1.0 and earlier for TYPO3 allow remote attackers to execute arbitrary SQL commands via unspecified vectors,…
|
CWE-89
SQL Injection
|
CVE-2011-1722
|
2024-11-21 10:26 |
2011-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300222
|
- |
|
obspm
|
webjaxe
|
Cross-site request forgery (CSRF) vulnerability in php/partie_administrateur/administration.php in WebJaxe 1.02 allows remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2011-1721
|
2024-11-21 10:26 |
2011-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300223
|
- |
|
skype
|
skype_for_android
|
Skype for Android stores sensitive user data without encryption in sqlite3 databases that have weak permissions, which allows local applications to read user IDs, contacts, phone numbers, date of bir…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1717
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300224
|
- |
|
xymon
|
xymon
|
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-1716
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300225
|
- |
|
qooxdoo
|
qooxdoo
|
Directory traversal vulnerability in framework/source/resource/qx/test/part/delay.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products allows remo…
|
CWE-22
Path Traversal
|
CVE-2011-1715
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300226
|
- |
|
qooxdoo
|
qooxdoo
|
Cross-site scripting (XSS) vulnerability in framework/source/resource/qx/test/jsonp_primitive.php in QooxDoo 1.3 and possibly other versions, as used in eyeOS 2.2 and 2.3, and possibly other products…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1714
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300227
|
- |
|
otrs
|
otrs
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.4.x before 2.4.10 and 3.x before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via uns…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1518
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300228
|
- |
|
nicholas_marriott
|
tmux
|
tmux 1.3 and 1.4 does not properly drop group privileges, which allows local users to gain utmp group privileges via a filename to the -S command-line option.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1496
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300229
|
- |
|
realnetworks
|
realplayer
realplayer_sp
|
The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified i…
|
NVD-CWE-Other
|
CVE-2011-1426
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300230
|
- |
|
broadcom
|
total_defense
|
The management.asmx module in the Management Web Service in the Unified Network Control (UNC) Server in CA Total Defense (TD) r12 before SE2 sends a cleartext response to unspecified getDBConfigSetti…
|
CWE-310
Cryptographic Issues
|
CVE-2011-1655
|
2024-11-21 10:26 |
2011-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
