|
302061
|
- |
|
bestpractical
|
rt
|
Scrips_Overlay.pm in Best Practical Solutions RT before 3.8.9 does not properly restrict access to a TicketObj in a Scrip after a CurrentUser change, which allows remote authenticated users to obtain…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1008
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302062
|
- |
|
bestpractical
|
rt
|
Best Practical Solutions RT before 3.8.9 does not perform certain redirect actions upon a login, which allows physically proximate attackers to obtain credentials by resubmitting the login form via t…
|
CWE-255
Credentials Management
|
CVE-2011-1007
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302063
|
- |
|
cisco
|
secure_desktop
|
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this pr…
|
CWE-20
Improper Input Validation
|
CVE-2011-0925
|
2024-11-21 10:25 |
2011-03-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302064
|
- |
|
f-secure
|
policy_manager
|
The WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux, allows …
|
CWE-200
Information Exposure
|
CVE-2011-1103
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302065
|
- |
|
f-secure
|
policy_manager
|
Cross-site scripting (XSS) vulnerability in the WebReporting module in F-Secure Policy Manager 7.x, 8.00 before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1102
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302066
|
- |
|
citrix
|
licensing_administration_console
|
Multiple unspecified vulnerabilities in a third-party component of the Citrix Licensing Administration Console 11.6, formerly License Management Console, allow remote attackers to (1) access unauthor…
|
NVD-CWE-noinfo
|
CVE-2011-1101
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302067
|
- |
|
logwatch
|
logwatch
|
logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server.
|
CWE-20
Improper Input Validation
|
CVE-2011-1018
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302068
|
- |
|
ca
|
host-based_intrusion_prevention_system
internet_security_suite_2010
internet_security_suite_2011
|
The XML Security Database Parser class in the XMLSecDB ActiveX control in the HIPSEngine component in the Management Server before 8.1.0.88, and the client before 1.6.450, in CA Host-Based Intrusion …
|
NVD-CWE-Other
|
CVE-2011-1036
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302069
|
- |
|
cisco
|
secure_desktop
|
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute ar…
|
CWE-20
Improper Input Validation
|
CVE-2011-0926
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302070
|
- |
|
pixelpost
|
pixelpost
|
Multiple SQL injection vulnerabilities in admin/index.php in Pixelpost 1.7.3 allow remote authenticated users to execute arbitrary SQL commands via the (1) findfid, (2) id, (3) selectfcat, (4) select…
|
CWE-89
SQL Injection
|
CVE-2011-1100
|
2024-11-21 10:25 |
2011-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
