|
263581
|
- |
|
montala
|
resourcespace
|
ResourceSpace before 4.2.2833 does not properly validate access keys, which allows remote attackers to bypass intended resource restrictions via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2011-4311
|
2011-11-21 14:00 |
2011-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263582
|
- |
|
apple
|
mac_os_x
|
The nonet and nointernet sandbox profiles in Apple Mac OS X 10.5.x do not propagate restrictions to all created processes, which allows remote attackers to access network resources via a crafted appl…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7303
|
2011-11-21 14:00 |
2011-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263583
|
- |
|
owasp-java-html-sanitizer_project
|
owasp-java-html-sanitizer
|
OWASP HTML Sanitizer (aka owasp-java-html-sanitizer) before 88, when JavaScript is disabled, allows user-assisted remote attackers to obtain potentially sensitive information via a crafted FORM eleme…
|
CWE-200
Information Exposure
|
CVE-2011-4457
|
2011-11-18 14:00 |
2011-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263584
|
- |
|
ge
|
intelligent_platforms_proficy_historian
|
Multiple stack-based buffer overflows in GE Intelligent Platforms Proficy Applications before 4.4.1 SIM 101 and 5.x before 5.0 SIM 43 allow remote attackers to cause a denial of service (daemon crash…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-1919
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263585
|
- |
|
ge
|
intelligent_platforms_proficy_historian
|
Cross-site scripting (XSS) vulnerability in the Web Administrator component in GE Intelligent Platforms Proficy Historian 4.x and earlier allows remote attackers to inject arbitrary web script or HTM…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3320
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263586
|
- |
|
olykit
|
swoopo_clone_2010
|
SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter in a product action.
|
CWE-89
SQL Injection
|
CVE-2010-4997
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263587
|
- |
|
2daybiz
|
polls_script
|
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.
|
CWE-89
SQL Injection
|
CVE-2010-5004
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263588
|
- |
|
rayzz
|
photoz
|
Cross-site scripting (XSS) vulnerability in members/profileCommentsResponse.php in Rayzz Photoz allows remote attackers to inject arbitrary web script or HTML via the profileCommentTextArea parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5005
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263589
|
- |
|
2daybiz
|
online_classified_script
|
Cross-site scripting (XSS) vulnerability in products/classified/headersearch.php in 2daybiz Online Classified Script allows remote attackers to inject arbitrary web script or HTML via the sid paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5018
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263590
|
- |
|
2daybiz
|
online_classified_script
|
SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
|
CWE-89
SQL Injection
|
CVE-2010-5019
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
