260201
|
- |
|
squirrelmail
|
squirrelmail
|
Cross-site scripting (XSS) vulnerability in functions/mime.php in SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web script or HTML via a crafted STYLE element in an e-mail me…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2023
|
2012-02-14 13:06 |
2011-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260202
|
- |
|
apple
|
mac_os_x mac_os_x_server
|
The i386_set_ldt system call in the kernel in Apple Mac OS X before 10.6.7 does not properly handle call gates, which allows local users to gain privileges via vectors involving the creation of a cal…
|
CWE-20
Improper Input Validation
|
CVE-2011-0182
|
2012-02-14 13:03 |
2011-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260203
|
- |
|
oneorzero
|
aims
|
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the (1) id p…
|
CWE-89
SQL Injection
|
CVE-2010-4834
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260204
|
- |
|
oneorzero
|
aims
|
Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote authenticated users to read arbitrary files via directory traversal sequences in the controller pa…
|
CWE-22
Path Traversal
|
CVE-2010-4835
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260205
|
- |
|
extensiondepot
|
com_jsupport
|
Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the subject parameter (title fie…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4837
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260206
|
- |
|
extensiondepot
|
com_jsupport
|
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the a…
|
CWE-89
SQL Injection
|
CVE-2010-4838
|
2012-02-14 13:02 |
2011-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260207
|
- |
|
diferior
|
diferior
|
Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 allow remote attackers to inject arbitrary web script or HTML via the (1) post_content parameter to post/edit/2/p1.html, related t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4850
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260208
|
- |
|
eclime
|
eclime
|
Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary SQL commands via the (1) ref or (2) poll_id parameter to index.php, or the (3) country parameter to…
|
CWE-89
SQL Injection
|
CVE-2010-4851
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260209
|
- |
|
eclime
|
eclime
|
Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to inject arbitrary web script or HTML via the reason parameter in a fail action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4852
|
2012-02-14 13:02 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260210
|
- |
|
aspindir
|
xweblog
|
SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary SQL commands via the makale_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4855
|
2012-02-14 13:02 |
2011-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|