264061
|
- |
|
skyarc
|
autotagging duplicateentry mailpack mtcms multifileuploader
|
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0…
|
CWE-352
Origin Validation Error
|
CVE-2011-3994
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264062
|
- |
|
opengear
|
opengear_console_server_firmware acm5000_console_server cm4000_console_server im4004-5_console_server im4200_console_server img4000_console_server kcs6000_rackside_console_server
|
Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2011-3997
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264063
|
- |
|
apple
|
webobjects
|
Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3998
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264064
|
- |
|
ibc.co.jp
|
iwate_portal_bar
|
Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3999
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264065
|
- |
|
courseforum
|
projectforum
|
Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4277
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264066
|
- |
|
john_bradshaw
|
np_gallery_plugin
|
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS …
|
CWE-94
Code Injection
|
CVE-2010-5040
|
2011-11-16 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264067
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2771
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264068
|
- |
|
mahara
|
mahara
|
Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 allows remote attackers to hijack the authentication of administrators for requests that add a user to an institution.
|
CWE-352
Origin Validation Error
|
CVE-2011-2773
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264069
|
- |
|
mahara
|
mahara
|
The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.
|
CWE-200
Information Exposure
|
CVE-2011-2774
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264070
|
- |
|
apple
|
iphone_os ipad2
|
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover dur…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3440
|
2011-11-15 14:00 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|