|
306481
|
- |
|
redhat
|
system-config-printer
|
pysmb.py in system-config-printer 0.6.x and 0.7.x, as used in foomatic-gui and possibly other products, allows remote SMB servers to execute arbitrary commands via shell metacharacters in the (1) Net…
|
CWE-20
Improper Input Validation
|
CVE-2011-2899
|
2024-11-21 10:29 |
2011-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306482
|
- |
|
rubyonrails
|
rails
|
The to_s method in actionpack/lib/action_dispatch/middleware/remote_ip.rb in Ruby on Rails 3.0.5 does not validate the X-Forwarded-For header in requests from IP addresses on a Class C network, which…
|
CWE-20
Improper Input Validation
|
CVE-2011-3187
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306483
|
- |
|
rubyonrails
|
rails
|
CRLF injection vulnerability in actionpack/lib/action_controller/response.rb in Ruby on Rails 2.3.x before 2.3.13 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response sp…
|
CWE-94
Code Injection
|
CVE-2011-3186
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306484
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Cross-site scripting (XSS) vulnerability in activesupport/lib/active_support/core_ext/string/output_safety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allow…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2932
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306485
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Cross-site scripting (XSS) vulnerability in the strip_tags helper in actionpack/lib/action_controller/vendor/html-scanner/html/node.rb in Ruby on Rails before 2.3.13, 3.0.x before 3.0.10, and 3.1.x b…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2931
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306486
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
Multiple SQL injection vulnerabilities in the quote_table_name method in the ActiveRecord adapters in activerecord/lib/active_record/connection_adapters/ in Ruby on Rails before 2.3.13, 3.0.x before …
|
CWE-89
SQL Injection
|
CVE-2011-2930
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306487
|
- |
|
rubyonrails
|
ruby_on_rails
rails
|
The template selection functionality in actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.10 and 3.1.x before 3.1.0.rc6 does not properly handle glob characters, which…
|
CWE-20
Improper Input Validation
|
CVE-2011-2929
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306488
|
- |
|
pidgin
|
pidgin
|
gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.
|
CWE-20
Improper Input Validation
|
CVE-2011-3185
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306489
|
- |
|
pidgin
|
pidgin
|
The msn_httpconn_parse_data function in httpconn.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.0 does not properly handle HTTP 100 responses, which allows remote attackers to cause …
|
CWE-399
Resource Management Errors
|
CVE-2011-3184
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306490
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3181
|
2024-11-21 10:29 |
2011-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
