|
299311
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-site scripting (XSS) vulnerability in tiki-cookie-jar.php in TikiWiki CMS/Groupware before 8.2 and LTS before 6.5 allows remote attackers to inject arbitrary web script or HTML via arbitrary pa…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4551
|
2024-11-21 10:32 |
2012-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299312
|
- |
|
rsyslog
|
rsyslog
|
Integer overflow in the rsCStrExtendBuf function in runtime/stringbuf.c in the imfile module in rsyslog 4.x before 4.6.6, 5.x before 5.7.4, and 6.x before 6.1.4 allows local users to cause a denial o…
|
CWE-189
Numeric Errors
|
CVE-2011-4623
|
2024-11-21 10:32 |
2012-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299313
|
- |
|
wikkawiki
|
wikkawiki
|
Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remov…
|
CWE-352
Origin Validation Error
|
CVE-2011-4452
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299314
|
- |
|
wikkawiki
|
wikkawiki
|
libs/Wakka.class.php in WikkaWiki 1.3.1 and 1.3.2, when the spam_logging option is enabled, allows remote attackers to write arbitrary PHP code to the spamlog_path file via the User-Agent HTTP header…
|
NVD-CWE-noinfo
|
CVE-2011-4451
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299315
|
- |
|
wikkawiki
|
wikkawiki
|
Directory traversal vulnerability in handlers/files.xml/files.xml.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to read or delete arbitrary files via a non-initial .. (dot dot) in the file…
|
CWE-22
Path Traversal
|
CVE-2011-4450
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299316
|
- |
|
wikkawiki
|
wikkawiki
|
actions/files/files.php in WikkaWiki 1.3.1 and 1.3.2, when INTRANET_MODE is enabled, supports file uploads for file extensions that are typically absent from an Apache HTTP Server TypesConfig file, w…
|
NVD-CWE-noinfo
|
CVE-2011-4449
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299317
|
- |
|
wikkawiki
|
wikkawiki
|
SQL injection vulnerability in actions/usersettings/usersettings.php in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to execute arbitrary SQL commands via the default_comment_display parameter i…
|
CWE-89
SQL Injection
|
CVE-2011-4448
|
2024-11-21 10:32 |
2012-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299318
|
- |
|
tedfelix
|
acpid2
|
event.c in acpid (aka acpid2) before 2.0.11 does not have an appropriate umask setting during execution of event-handler scripts, which might allow local users to (1) perform write operations within …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4578
|
2024-11-21 10:32 |
2012-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299319
|
- |
|
ffmpeg
libav
|
ffmpeg
libav
|
The svq1_decode_frame function in the SVQ1 decoder (svq1dec.c) in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9, and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4579
|
2024-11-21 10:32 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299320
|
- |
|
ffmpeg
libav
|
ffmpeg
libav
|
Buffer overflow in the Sierra VMD decoder in libavcodec in FFmpeg 0.5.x before 0.5.7, 0.6.x before 0.6.4, 0.7.x before 0.7.9 and 0.8.x before 0.8.8; and in Libav 0.5.x before 0.5.6, 0.6.x before 0.6.…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-4364
|
2024-11-21 10:32 |
2012-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
