|
299911
|
- |
|
apache
opensymphony
|
struts
xwork
webwork
|
Multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x before 2.2.3, and OpenSymphony XWork in OpenSymphony WebWork, allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1772
|
2024-11-21 10:27 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299912
|
- |
|
inventivetec
|
mediacast
|
MediaCAST 8 and earlier does not properly handle requests for inventivex/isptools/release/metadata/globalIncludeFolders.txt, which allows remote attackers to obtain sensitive information via unspecif…
|
CWE-200
Information Exposure
|
CVE-2011-2081
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299913
|
- |
|
inventivetec
|
mediacast
|
Multiple SQL injection vulnerabilities in MediaCAST 8 and earlier allow remote attackers to execute arbitrary SQL commands via (1) a CP_ENLARGESTYLE cookie to the default URI under inventivex/managet…
|
CWE-89
SQL Injection
|
CVE-2011-2080
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299914
|
- |
|
inventivetec
|
mediacast
|
MediaCAST 8 and earlier allows remote attackers to have an unspecified impact via a (1) CP_RIGHTSOURCE or (2) bdclient_Inventive cookie to the default URI under inventivex/managetraining/, related to…
|
CWE-20
Improper Input Validation
|
CVE-2011-2079
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299915
|
- |
|
inventivetec
|
mediacast
|
Multiple cross-site scripting (XSS) vulnerabilities in the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier allow remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2078
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299916
|
- |
|
inventivetec
|
mediacast
|
The default configuration of the New Atlanta BlueDragon administrative interface in MediaCAST 8 and earlier enables external TCP connections to port 10000, instead of connections only from 127.0.0.1,…
|
CWE-16
Configuration
|
CVE-2011-2077
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299917
|
- |
|
inventivetec
|
mediacast
|
MediaCAST 8 and earlier stores passwords in cleartext, which makes it easier for context-dependent attackers to obtain sensitive information by reading an unspecified password data store, a different…
|
CWE-200
Information Exposure
|
CVE-2011-2076
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299918
|
- |
|
google
|
chrome
|
Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague ad…
|
NVD-CWE-noinfo
|
CVE-2011-2075
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299919
|
- |
|
skype
|
skype
|
Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via a cr…
|
NVD-CWE-noinfo
|
CVE-2011-2074
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299920
|
- |
|
opera
|
opera_browser
|
The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an i…
|
CWE-20
Improper Input Validation
|
CVE-2011-1824
|
2024-11-21 10:27 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
