|
264071
|
- |
|
homeseer
|
homeseer_hs2
|
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitra…
|
CWE-352
Origin Validation Error
|
CVE-2011-4837
|
2011-12-15 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264072
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4064
|
2011-12-15 12:57 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264073
|
- |
|
oracle
|
linux
|
Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated."
|
NVD-CWE-noinfo
|
CVE-2011-2306
|
2011-12-15 12:54 |
2011-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264074
|
- |
|
mawashimono
|
nikki
|
Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to read and modify arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4001
|
2011-12-14 14:00 |
2011-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264075
|
- |
|
mawashimono
|
nikki
|
HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."
|
CWE-78
OS Command
|
CVE-2011-4002
|
2011-12-14 14:00 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264076
|
- |
|
urs_maag
|
maag_randomimage
|
Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3819
|
2011-12-14 14:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264077
|
- |
|
flagbit
|
fb_filebase
|
SQL injection vulnerability in the Flagbit Filebase (fb_filebase) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-3820
|
2011-12-14 14:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264078
|
- |
|
apache
|
solr
|
Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-3821
|
2011-12-14 14:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264079
|
- |
|
restorepoint
|
restorepoint
|
The Tadasoft Restorepoint 3.2 evaluation image uses weak permissions (www write access) for unspecified scripts, which allows local users to gain privileges by modifying a script file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4202
|
2011-12-13 23:57 |
2011-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264080
|
- |
|
restorepoint
|
restorepoint
|
remote_support.cgi in the Tadasoft Restorepoint 3.2 evaluation image allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) pid1 or (2) pid2 parameter in a stop_rem…
|
CWE-94
Code Injection
|
CVE-2011-4201
|
2011-12-13 20:55 |
2011-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
