|
260651
|
- |
|
zenprise
|
zenprise_device_manager
|
Cross-site request forgery (CSRF) vulnerability in the web console in Zenprise Device Manager 6.x through 6.1.8 allows remote attackers to hijack the authentication of administrators for requests tha…
|
CWE-352
Origin Validation Error
|
CVE-2011-4498
|
2011-11-21 20:55 |
2011-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260652
|
- |
|
robert_luberda
|
man2html
|
Cross-site scripting (XSS) vulnerability in man2html.cgi.c in man2html 1.6, and possibly other version, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related …
|
CWE-79
Cross-site Scripting
|
CVE-2011-2770
|
2011-11-21 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260653
|
- |
|
phpmyadmin
|
phpmyadmin
|
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation…
|
CWE-20
Improper Input Validation
|
CVE-2011-3646
|
2011-11-21 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260654
|
- |
|
montala
|
resourcespace
|
ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-4311
|
2011-11-21 14:00 |
2011-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260655
|
- |
|
apple
|
mac_os_x
|
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7303
|
2011-11-21 14:00 |
2011-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260656
|
- |
|
owasp-java-html-sanitizer_project
|
owasp-java-html-sanitizer
|
OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM eleme…
|
CWE-200
Information Exposure
|
CVE-2011-4457
|
2011-11-18 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260657
|
- |
|
ge
|
intelligent_platforms_proficy_historian
|
Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1919
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260658
|
- |
|
ge
|
intelligent_platforms_proficy_historian
|
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3320
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260659
|
- |
|
olykit
|
swoopo_clone_2010
|
SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action.
|
CWE-89
SQL Injection
|
CVE-2010-4997
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260660
|
- |
|
2daybiz
|
polls_script
|
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2010-5004
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
