|
307931
|
- |
|
netgear
|
prosafe_wnap210
prosafe_wnap210_firmware
|
The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php.
|
CWE-287
Improper Authentication
|
CVE-2011-1674
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307932
|
- |
|
netgear
|
prosafe_wnap210
prosafe_wnap210_firmware
|
BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file.
|
CWE-310
Cryptographic Issues
|
CVE-2011-1673
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307933
|
- |
|
dell
|
kace_k2000_systems_deployment_appliance
|
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (…
|
CWE-200
Information Exposure
|
CVE-2011-1672
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307934
|
- |
|
getontracks
|
tracks
|
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO …
|
CWE-79
Cross-site Scripting
|
CVE-2011-1671
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307935
|
- |
|
a.kulikov
|
interra_blog_machine
|
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1670
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307936
|
- |
|
mikoviny
|
wp_custom_pages
|
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the u…
|
CWE-22
Path Traversal
|
CVE-2011-1669
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307937
|
- |
|
awcm-cms
|
ar_web_content_manager
|
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the se…
|
CWE-79
Cross-site Scripting
|
CVE-2011-1668
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307938
|
- |
|
xmedien
|
anzeigenmarkt
|
SQL injection vulnerability in index.php in Anzeigenmarkt 2011 allows remote attackers to execute arbitrary SQL commands via the q parameter in a list action.
|
CWE-89
SQL Injection
|
CVE-2011-1667
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307939
|
- |
|
metaways
|
tine
|
Metaways Tine 2.0 allows remote attackers to obtain sensitive information via unknown vectors in (1) Crm/Controller.php, (2) Crm/Export/Csv.php, or (3) Calendar/Model/Attender.php, which reveal the f…
|
CWE-200
Information Exposure
|
CVE-2011-1666
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307940
|
- |
|
phpboost
|
phpboost
|
PHPBoost 3.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain backup SQL files via a direct request for predictable filenames …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-1665
|
2024-11-21 10:26 |
2011-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
