|
305151
|
- |
|
ulli_horlacher
|
fex
|
Frams's Fast File EXchange (F*EX, aka fex) 20100208, and possibly other versions before 20110610, allows remote attackers to bypass authentication and upload arbitrary files via a request that lacks …
|
CWE-287
Improper Authentication
|
CVE-2011-1409
|
2024-11-21 10:26 |
2011-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305152
|
- |
|
kbs
|
weblygo
|
Cross-site scripting (XSS) vulnerability in WeblyGo 5.0 Pro/LE, 5.02 Pro/LE, 5.03 Pro/LE, 5.04 Pro/LE, and 5.10 Pro/LE allows remote attackers to inject arbitrary web script or HTML via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1330
|
2024-11-21 10:26 |
2011-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305153
|
- |
|
brad_fitzpatrick
|
djabberd
|
DJabberd 0.84 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML documen…
|
CWE-399
Resource Management Errors
|
CVE-2011-1757
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305154
|
- |
|
citadel
|
citadel
|
modules/xmpp/serv_xmpp.c in Citadel 7.86 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption…
|
CWE-399
Resource Management Errors
|
CVE-2011-1756
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305155
|
7.5 |
HIGH
Network
|
jabberd2
fedoraproject
apple
|
jabberd2
fedora
mac_os_x_server
mac_os_x
|
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document c…
|
CWE-776
XML Entity Expansion
|
CVE-2011-1755
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305156
|
- |
|
jabberd
|
jabberd14
|
jabberd14 1.6.1.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML doc…
|
CWE-399
Resource Management Errors
|
CVE-2011-1754
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305157
|
- |
|
process-one
|
ejabberd
exmpp
|
expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial …
|
CWE-399
Resource Management Errors
|
CVE-2011-1753
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305158
|
- |
|
phpnuke
|
php-nuke
|
Multiple cross-site request forgery (CSRF) vulnerabilities in mainfile.php in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to hijack the authentication of administrators for reques…
|
CWE-352
Origin Validation Error
|
CVE-2011-1482
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305159
|
- |
|
phpnuke
|
php-nuke
|
Multiple cross-site scripting (XSS) vulnerabilities in Francisco Burzi PHP-Nuke 8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) sender_name or (2) sender_ema…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1481
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305160
|
- |
|
phpnuke
|
php-nuke
|
SQL injection vulnerability in admin.php in the administration backend in Francisco Burzi PHP-Nuke 8.0 and earlier allows remote attackers to execute arbitrary SQL commands via the chng_uid parameter.
|
CWE-89
SQL Injection
|
CVE-2011-1480
|
2024-11-21 10:26 |
2011-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
