|
309081
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-0003
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309082
|
- |
|
matomo
|
matomo
|
Piwik before 1.1 does not properly limit the number of files stored under tmp/sessions/, which might allow remote attackers to cause a denial of service (inode consumption) by establishing many sessi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0401
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309083
|
- |
|
matomo
|
matomo
|
Cookie.php in Piwik before 1.1 does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmiss…
|
CWE-16
Configuration
|
CVE-2011-0400
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309084
|
- |
|
matomo
|
matomo
|
Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a craft…
|
NVD-CWE-Other
|
CVE-2011-0399
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309085
|
- |
|
matomo
|
matomo
|
The Piwik_Common::getIP function in Piwik before 1.1 does not properly determine the client IP address, which allows remote attackers to bypass intended geolocation and logging functionality via (1) …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0398
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309086
|
- |
|
matomo
|
matomo
|
Multiple cross-site scripting (XSS) vulnerabilities in Piwik before 1.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0004
|
2024-11-21 10:23 |
2011-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309087
|
- |
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer on Windows XP allows remote attackers to trigger an incorrect GUI display and have unspecified other impact via vectors related to the DOM implementation, as demonstrated …
|
NVD-CWE-Other
|
CVE-2011-0347
|
2024-11-21 10:23 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309088
|
- |
|
microsoft
|
internet_explorer
|
Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (…
|
CWE-399
Resource Management Errors
|
CVE-2011-0346
|
2024-11-21 10:23 |
2011-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309089
|
7.5 |
HIGH
Network
|
libvncserver_project
fedoraproject
|
libvncserver
fedora
|
A NULL pointer dereference flaw was found in the way LibVNCServer before 0.9.9 handled certain ClientCutText message. A remote attacker could use this flaw to crash the VNC server by sending a specia…
|
CWE-476
NULL Pointer Dereference
|
CVE-2010-5304
|
2024-11-21 10:22 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309090
|
7.5 |
HIGH
Network
|
edgewall
debian
|
trac
debian_linux
|
Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissio…
|
CWE-276
Incorrect Default Permissions
|
CVE-2010-5108
|
2024-11-21 10:22 |
2019-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
