256811
|
- |
|
memcache_project
|
memcache
|
The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might "lead to a role change not being recognized until th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5276
|
2012-10-9 06:19 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256812
|
- |
|
ibm
|
lotus_notes_traveler
|
Open redirect vulnerability in servlet/traveler in IBM Lotus Notes Traveler 8.5.3 before 8.5.3.3 Interim Fix 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing at…
|
CWE-20
Improper Input Validation
|
CVE-2012-4824
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256813
|
- |
|
ibm
|
lotus_notes_traveler
|
Multiple cross-site scripting (XSS) vulnerabilities in servlet/traveler/ILNT.mobileconfig in IBM Lotus Notes Traveler before 8.5.3.2 allow remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2012-4825
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256814
|
- |
|
ibm
|
lotus_notes_traveler
|
Cross-site scripting (XSS) vulnerability in servlet/traveler in IBM Lotus Notes Traveler before 8.5.3.3 Interim Fix 1, when Firefox is used, allows remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2012-5307
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256815
|
- |
|
ibm
|
lotus_notes_traveler
|
Cross-site request forgery (CSRF) vulnerability in servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 allows remote attackers to hijack the authentication of arbitrary users f…
|
CWE-352
Origin Validation Error
|
CVE-2012-5308
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256816
|
- |
|
ibm
|
lotus_notes_traveler
|
servlet/traveler in IBM Lotus Notes Traveler through 8.5.3.3 Interim Fix 1 does not properly restrict invalid authentication attempts, which makes it easier for remote attackers to obtain access via …
|
CWE-287
Improper Authentication
|
CVE-2012-5309
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256817
|
- |
|
spamtitan
|
webtitan
|
Multiple SQL injection vulnerabilities in SpamTitan WebTitan before 3.60 allow remote attackers to execute arbitrary SQL commands via (1) the username parameter to login-x.php, and allow remote authe…
|
CWE-89
SQL Injection
|
CVE-2011-4638
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256818
|
- |
|
spamtitan
|
webtitan
|
The (1) Traceroute and (2) Ping implementations in tools.php in SpamTitan WebTitan before 3.60 allow remote authenticated users to execute arbitrary commands via shell metacharacters in an argument, …
|
CWE-94
Code Injection
|
CVE-2011-4639
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256819
|
- |
|
spamtitan
|
webtitan
|
Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the fname parameter in a view action.
|
CWE-22
Path Traversal
|
CVE-2011-4640
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
256820
|
- |
|
vwar
|
virtual_war
|
SQL injection vulnerability in article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to execute arbitrary SQL commands via the ratearticleselect parameter.
|
CWE-89
SQL Injection
|
CVE-2010-5063
|
2012-10-8 19:47 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|