263931
|
- |
|
2daybiz
|
online_classified_script
|
SQL injection vulnerability in view_photo.php in 2daybiz Online Classified Script allows remote attackers to execute arbitrary SQL commands via the alb parameter.
|
CWE-89
SQL Injection
|
CVE-2010-5019
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263932
|
- |
|
harmistechnology
|
com_jesubmit
|
SQL injection vulnerability in the JExtensions JE Story Submit (com_jesubmit) component 1.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the view parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2010-5022
|
2011-11-17 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263933
|
- |
|
pligg
|
pligg_cms
|
Cross-site scripting (XSS) vulnerability in Pligg before 1.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3986
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263934
|
- |
|
skyarc
|
autotagging duplicateentry mailpack mtcms multifileuploader
|
SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3993
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263935
|
- |
|
skyarc
|
autotagging duplicateentry mailpack mtcms multifileuploader
|
Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0…
|
CWE-352
Origin Validation Error
|
CVE-2011-3994
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263936
|
- |
|
opengear
|
opengear_console_server_firmware acm5000_console_server cm4000_console_server im4004-5_console_server im4200_console_server img4000_console_server kcs6000_rackside_console_server
|
Opengear console servers with firmware before 2.2.1 allow remote attackers to bypass authentication, and modify settings or access connected equipment, via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2011-3997
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263937
|
- |
|
apple
|
webobjects
|
Cross-site scripting (XSS) vulnerability in Apple WebObjects 5.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3998
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263938
|
- |
|
ibc.co.jp
|
iwate_portal_bar
|
Cross-site scripting (XSS) vulnerability in the RSS/Atom feed-reader implementation in Iwate Portal Bar allows remote attackers to inject arbitrary web script or HTML via a crafted feed.
|
CWE-79
Cross-site Scripting
|
CVE-2011-3999
|
2011-11-16 14:00 |
2011-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263939
|
- |
|
courseforum
|
projectforum
|
Cross-site scripting (XSS) vulnerability in CourseForum ProjectForum 7.0.1.3038 allows remote attackers to inject arbitrary web script or HTML via a crafted name of an object within a more object on …
|
CWE-79
Cross-site Scripting
|
CVE-2011-4277
|
2011-11-16 14:00 |
2011-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263940
|
- |
|
john_bradshaw
|
np_gallery_plugin
|
PHP remote file inclusion vulnerability in nucleus/plugins/NP_gallery.php in the NP_Gallery plugin 0.94 for Nucleus allows remote attackers to execute arbitrary PHP code via a URL in the DIR_NUCLEUS …
|
CWE-94
Code Injection
|
CVE-2010-5040
|
2011-11-16 14:00 |
2011-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|