|
263621
|
- |
|
tencent
|
qqpphoto
|
The Tencent QQPhoto (com.tencent.qqphoto) application 0.97 for Android does not properly protect data, which allows remote attackers to read or modify contact information and a password hash via a cr…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4867
|
2012-02-7 14:00 |
2012-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263622
|
- |
|
cafuego
|
simple_document_management_system
|
SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote attackers to execute arbitrary SQL commands via the doc_id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4986
|
2012-02-7 14:00 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263623
|
- |
|
cafuego
|
simple_document_management_system
|
Multiple SQL injection vulnerabilities in Simple Document Management System (SDMS) 2.0-CVS and earlier allow remote attackers to execute arbitrary SQL commands via the (1) folder_id parameter in list…
|
CWE-89
SQL Injection
|
CVE-2005-3877
|
2012-02-7 14:00 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263624
|
- |
|
oscommerce
|
oscommerce
|
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2012-0311
|
2012-02-6 14:00 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263625
|
- |
|
oscommerce
|
online_merchant
oscommerce
|
Cross-site scripting (XSS) vulnerability in osCommerce 2.2MS1J before R9, and osCommerce Online Merchant before 2.3.1, allows remote attackers to inject arbitrary web script or HTML via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2012-0312
|
2012-02-6 14:00 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263626
|
- |
|
emc
|
networker
|
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2012-0395
|
2012-02-6 14:00 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263627
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Address Book in Apple Mac OS X before 10.7.3 automatically switches to unencrypted sessions upon failure of encrypted connections, which allows remote attackers to read CardDAV data by terminating an…
|
CWE-310
Cryptographic Issues
|
CVE-2011-3444
|
2012-02-6 14:00 |
2012-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263628
|
- |
|
rsa
|
envision
|
EMC RSA enVision 4.0 before SP4 P5 and 4.1 before P3 allows remote attackers to obtain sensitive information about environment variables in the web system via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2011-4143
|
2012-02-6 14:00 |
2012-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263629
|
- |
|
siemens
|
wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime
|
The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008; WinCC V11 (aka TIA portal); the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4509
|
2012-02-6 14:00 |
2012-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263630
|
- |
|
siemens
|
wincc_flexible
wincc
simatic_hmi_panels
wincc_runtime_advanced
wincc_flexible_runtime
|
Cross-site scripting (XSS) vulnerability in the HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4510
|
2012-02-6 14:00 |
2012-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
