|
260481
|
- |
|
homeseer
|
homeseer_hs2
|
Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4836
|
2011-12-16 04:54 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260482
|
- |
|
homeseer
|
homeseer_hs2
|
Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4835
|
2011-12-16 04:53 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260483
|
- |
|
barter-sites
|
com_listing
|
Multiple cross-site scripting (XSS) vulnerabilities in the com_listing component in Barter Sites component 1.3 for Joomla! allow remote authenticated users to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4830
|
2011-12-16 04:01 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260484
|
- |
|
barter-sites
|
com_listing
|
SQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2011-4829
|
2011-12-16 03:56 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260485
|
- |
|
phpletter
phpmyfaq
tinymce
|
ajax_file_and_image_manager
phpmyfaq
tinymce
|
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly …
|
CWE-94
Code Injection
|
CVE-2011-4825
|
2011-12-16 03:03 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260486
|
- |
|
artsoft
|
rocks\'n\'diamonds
|
Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4606
|
2011-12-16 01:32 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260487
|
- |
|
autosectools
|
v-cms
|
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extensio…
|
CWE-94
Code Injection
|
CVE-2011-4828
|
2011-12-15 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260488
|
- |
|
homeseer
|
homeseer_hs2
|
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitra…
|
CWE-352
Origin Validation Error
|
CVE-2011-4837
|
2011-12-15 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260489
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4064
|
2011-12-15 12:57 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260490
|
- |
|
oracle
|
linux
|
Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated."
|
NVD-CWE-noinfo
|
CVE-2011-2306
|
2011-12-15 12:54 |
2011-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
