260101
|
- |
|
apple
|
webobjects
|
Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3998
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260102
|
- |
|
ibc.co.jp
|
iwate_portal_bar
|
Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3999
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260103
|
- |
|
courseforum
|
projectforum
|
Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4277
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260104
|
- |
|
john_bradshaw
|
np_gallery_plugin
|
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS …
|
CWE-94
Code Injection
|
CVE-2010-5040
|
2011-11-16 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260105
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) URI attributes and (2) the External…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2771
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260106
|
- |
|
mahara
|
mahara
|
Cross-site request forgery (CSRF) vulnerability in Mahara before 1.4.1 allows remote attackers to hijack the authentication of administrators for requests that add a user to an institution.
|
CWE-352
Origin Validation Error
|
CVE-2011-2773
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260107
|
- |
|
mahara
|
mahara
|
The "Reply to message" feature in Mahara 1.3.x and 1.4.x before 1.4.1 allows remote authenticated users to read the messages of a different user via a modified replyto parameter.
|
CWE-200
Information Exposure
|
CVE-2011-2774
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260108
|
- |
|
apple
|
iphone_os ipad2
|
The Passcode Lock feature in Apple iOS before 5.0.1 on the iPad 2 does not properly implement the locked state, which allows physically proximate attackers to access data by opening a Smart Cover dur…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3440
|
2011-11-15 14:00 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260109
|
- |
|
dell
|
kace_k2000_systems_deployment_appliance
|
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by exam…
|
CWE-310
Cryptographic Issues
|
CVE-2011-4046
|
2011-11-15 14:00 |
2011-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260110
|
- |
|
mahara
|
mahara
|
Mahara before 1.4.1, when MNet (aka the Moodle network feature) is used, allows remote authenticated users to gain privileges via a jump to an XMLRPC target.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4118
|
2011-11-15 14:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|