|
263721
|
- |
|
zend
|
framework
server
|
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as …
|
CWE-200
Information Exposure
|
CVE-2011-3825
|
2012-05-21 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263722
|
- |
|
zikula
|
zikula
|
Zikula 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/voodoodoll…
|
CWE-200
Information Exposure
|
CVE-2011-3826
|
2012-05-21 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263723
|
- |
|
mhproducts
|
download_center
|
SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Center) 2.2 allows remote attackers to execute arbitrary SQL commands via the Name parameter. NOTE: som…
|
CWE-89
SQL Injection
|
CVE-2010-4842
|
2012-05-21 13:00 |
2011-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263724
|
- |
|
cisco
|
ios
ios_xe
|
Unspecified vulnerability in Cisco IOS 12.4, 15.0, and 15.1, and IOS XE 2.5.x through 3.2.x, allows remote attackers to cause a denial of service (device reload) via a crafted SIP message, aka Bug ID…
|
NVD-CWE-noinfo
|
CVE-2011-0939
|
2012-05-18 13:00 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263725
|
- |
|
cisco
|
ios
|
Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (device reload) via malformed IPv6 packets, aka Bug ID CSCtj41194.
|
CWE-399
Resource Management Errors
|
CVE-2011-0944
|
2012-05-18 13:00 |
2011-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263726
|
- |
|
twiki
|
twiki
|
Multiple cross-site scripting (XSS) vulnerabilities in TWiki before 5.1.0 allow remote attackers to inject arbitrary web script or HTML via (1) the newtopic parameter in a WebCreateNewTopic action, r…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3010
|
2012-05-18 13:00 |
2011-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263727
|
- |
|
juan_toledo
|
etherape
|
The add_conversation function in conversations.c in EtherApe before 0.9.12 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an RPC packet, rel…
|
NVD-CWE-Other
|
CVE-2011-3369
|
2012-05-18 13:00 |
2011-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263728
|
- |
|
juan_toledo
|
etherape
|
Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2011-3369
|
2012-05-18 13:00 |
2011-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263729
|
- |
|
punbb
|
punbb
|
Multiple cross-site scripting (XSS) vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) id, (2) form_sent, (3) csr…
|
CWE-79
Cross-site Scripting
|
CVE-2011-3371
|
2012-05-18 13:00 |
2011-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
263730
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
QuickTime in Apple Mac OS X before 10.7.3 does not prevent access to uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (application …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-3458
|
2012-05-18 12:43 |
2012-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
