258931
|
- |
|
exim
|
exim
|
The DKIM implementation in Exim 4.7x before 4.76 permits matching for DKIM identities to apply to lookup items, instead of only strings, which allows remote attackers to execute arbitrary code or acc…
|
CWE-20
Improper Input Validation
|
CVE-2011-1407
|
2011-09-7 12:15 |
2011-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258932
|
- |
|
mediawiki
|
mediawiki
|
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive informati…
|
CWE-200
Information Exposure
|
CVE-2010-2787
|
2011-09-7 12:10 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258933
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the fil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2788
|
2011-09-7 12:10 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258934
|
- |
|
sixapart
|
movable_type
|
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAut…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5845
|
2011-09-7 11:53 |
2009-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258935
|
- |
|
web-app.org
|
webapp
|
Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2007-1259
|
2011-09-1 13:00 |
2007-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258936
|
- |
|
wordpress
|
wordpress
|
Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-20…
|
NVD-CWE-noinfo
|
CVE-2006-4028
|
2011-09-1 13:00 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258937
|
- |
|
aimluck
|
aipo aipo-asp
|
Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2011-1341
|
2011-08-29 13:00 |
2011-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258938
|
- |
|
sun
|
java_system_web_server
|
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP…
|
CWE-200
Information Exposure
|
CVE-2009-2445
|
2011-08-29 13:00 |
2009-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258939
|
- |
|
mojolicious
|
mojolicious
|
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4802
|
2011-08-27 12:46 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
258940
|
- |
|
mojolicious
|
mojolicious
|
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4803
|
2011-08-27 12:46 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|