264441
|
- |
|
trustwave
|
webdefend
|
Trustwave WebDefend Enterprise before 5.0 7.01.903-1.4 stores specific user-account credentials in a MySQL database, which makes it easier for remote attackers to read the event collection table via …
|
CWE-255
Credentials Management
|
CVE-2011-1906
|
2011-05-31 13:00 |
2011-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264442
|
- |
|
bravenewcode
|
wptouch
|
Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4 and 1.9.20 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wp…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4779
|
2011-05-31 13:00 |
2011-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264443
|
- |
|
vmware
|
vcenter virtualcenter
|
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbit…
|
CWE-22
Path Traversal
|
CVE-2011-0426
|
2011-05-27 13:00 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264444
|
- |
|
yamaha nec
|
rt100i rt102i rt103i rt105e rt105i rt105p rt107e rt140e rt140f rt140i rt140p rt200i rt250i rt300i rt56v rt57i rt58i rt60w rt80i rta50i rta5…
|
Yamaha RTX, RT, SRT, RTV, RTW, and RTA series routers with firmware 6.x through 10.x, and NEC IP38X series routers with firmware 6.x through 10.x, do not properly handle IP header options, which allo…
|
CWE-20
Improper Input Validation
|
CVE-2011-1323
|
2011-05-27 13:00 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264445
|
- |
|
buffalotech
|
bbr-4hg_firmware bbr-4mg_firmware bhr-4rv_firmware fs-g54_firmware wer-a54g54_firmware wer-ag54_firmware wer-am54g54_firmware wer-amg54_firmware whr-am54g54_firmware whr-am…
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the management screen on Buffalo WHR, WZR2, WZR, WER, and BBR series routers with firmware 1.x; BHR-4RV and FS-G54 routers with firmware …
|
CWE-352
Origin Validation Error
|
CVE-2011-1324
|
2011-05-27 13:00 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264446
|
- |
|
samsung
|
data_management_server
|
SQL injection vulnerability in the authentication form in the integrated web server in the Data Management Server (DMS) before 1.4.3 in Samsung Integrated Management System allows remote attackers to…
|
CWE-89
SQL Injection
|
CVE-2010-4284
|
2011-05-27 13:00 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264447
|
- |
|
ibm
|
web_content_manager
|
The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4806
|
2011-05-27 01:55 |
2011-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264448
|
- |
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in EC-CUBE before 2.11.0 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2011-1325
|
2011-05-26 13:00 |
2011-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264449
|
- |
|
vmware
|
esx esxi vcenter
|
The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1…
|
CWE-310
Cryptographic Issues
|
CVE-2011-1789
|
2011-05-26 13:00 |
2011-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264450
|
- |
|
skype
|
skype
|
Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via a cr…
|
NVD-CWE-noinfo
|
CVE-2011-2074
|
2011-05-26 13:00 |
2011-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|