|
263521
|
- |
|
phpletter
phpmyfaq
tinymce
|
ajax_file_and_image_manager
phpmyfaq
tinymce
|
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly …
|
CWE-94
Code Injection
|
CVE-2011-4825
|
2011-12-16 03:03 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263522
|
- |
|
artsoft
|
rocks\'n\'diamonds
|
Artsoft Entertainment Rocks'n'Diamonds (aka rocksndiamonds) 3.3.0.1 allows local users to overwrite arbitrary files via a symlink attack on .rocksndiamonds/cache/artworkinfo.cache under a user's home…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-4606
|
2011-12-16 01:32 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263523
|
- |
|
autosectools
|
v-cms
|
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extensio…
|
CWE-94
Code Injection
|
CVE-2011-4828
|
2011-12-15 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263524
|
- |
|
homeseer
|
homeseer_hs2
|
Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitra…
|
CWE-352
Origin Validation Error
|
CVE-2011-4837
|
2011-12-15 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263525
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in the setup interface in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4064
|
2011-12-15 12:57 |
2011-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263526
|
- |
|
oracle
|
linux
|
Unspecified vulnerability in Oracle Linux 4 and 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to "Oracle validated."
|
NVD-CWE-noinfo
|
CVE-2011-2306
|
2011-12-15 12:54 |
2011-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263527
|
- |
|
mawashimono
|
nikki
|
Directory traversal vulnerability in HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to read and modify arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-4001
|
2011-12-14 14:00 |
2011-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263528
|
- |
|
mawashimono
|
nikki
|
HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."
|
CWE-78
OS Command
|
CVE-2011-4002
|
2011-12-14 14:00 |
2011-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263529
|
- |
|
urs_maag
|
maag_randomimage
|
Unspecified vulnerability in the Random Images (maag_randomimage) extension 1.6.4 and earlier for TYPO3 allows remote attackers to execute arbitrary shell commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2009-3819
|
2011-12-14 14:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263530
|
- |
|
flagbit
|
fb_filebase
|
SQL injection vulnerability in the Flagbit Filebase (fb_filebase) extension 0.1.0 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-3820
|
2011-12-14 14:00 |
2009-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
