|
299011
|
- |
|
spamtitan
|
spamtitan
|
Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) testaddr or (2) testpass parameter to auth-…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5149
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299012
|
- |
|
wasen
|
mod_simplefileupload
|
Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file…
|
NVD-CWE-Other
|
CVE-2011-5148
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299013
|
- |
|
freewebshop
|
freewebshop
|
Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP cod…
|
CWE-94
Code Injection
|
CVE-2011-5147
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299014
|
- |
|
ingumadev
|
bokken
|
Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files via a symlink attack on /tmp/graph.dot.
|
CWE-59
Link Following
|
CVE-2011-5146
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299015
|
- |
|
obm
|
open_business_management
|
Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuration information via a direct request to test.php, which calls the phpinfo function.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-5144
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299016
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.3.20 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_name, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5143
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299017
|
- |
|
obm
|
open_business_management
|
Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) sel_domain_id o…
|
CWE-89
SQL Injection
|
CVE-2011-5145
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299018
|
- |
|
obm
|
open_business_management
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tf_dele…
|
CWE-79
Cross-site Scripting
|
CVE-2011-5142
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299019
|
- |
|
obm
|
open_business_management
|
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local fi…
|
CWE-22
Path Traversal
|
CVE-2011-5141
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299020
|
- |
|
diy-cms
|
blog
|
Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to execute arbitrary SQL commands via the (1) start parameter to (a) tags.php, (b) list.php, (c) index…
|
CWE-89
SQL Injection
|
CVE-2011-5140
|
2024-11-21 10:33 |
2012-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
