|
299571
|
- |
|
opera
|
opera_browser
|
Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."
|
CWE-310
Cryptographic Issues
|
CVE-2011-4684
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299572
|
- |
|
opera
|
opera_browser
|
Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue."
|
NVD-CWE-noinfo
|
CVE-2011-4683
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299573
|
- |
|
opera
|
opera_browser
|
The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different w…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4682
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299574
|
- |
|
opera
|
opera_browser
|
Opera before 11.60 does not properly consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains, which allows remote attackers to bypass the Sa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4681
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299575
|
- |
|
vtiger
|
vtiger_crm
|
Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4680
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299576
|
- |
|
vtiger
|
vtiger_crm
|
vtiger CRM before 5.3.0 does not properly recognize the disabled status of a field in the Leads module, which allows remote authenticated users to bypass intended access restrictions by reading a pre…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4679
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299577
|
- |
|
apc
|
powerchute
|
Cross-site scripting (XSS) vulnerability in Schneider Electric PowerChute Business Edition before 8.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4263
|
2024-11-21 10:32 |
2011-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299578
|
- |
|
oneclickorgs
|
one_click_orgs
|
The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts depending on whether the e-mail address is registered, which allows remote attac…
|
CWE-255
Credentials Management
|
CVE-2011-4678
|
2024-11-21 10:32 |
2011-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299579
|
- |
|
oneclickorgs
|
one_click_orgs
|
One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
|
CWE-287
Improper Authentication
|
CVE-2011-4677
|
2024-11-21 10:32 |
2011-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299580
|
- |
|
oneclickorgs
|
one_click_orgs
|
One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticated users to cause a denial of service (login disruption) or spoof votes or comme…
|
CWE-255
Credentials Management
|
CVE-2011-4555
|
2024-11-21 10:32 |
2011-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
