264201
|
- |
|
phpalbum
|
phpalbum
|
Multiple cross-site scripting (XSS) vulnerabilities in main.php in phpAlbum 0.4.1.16 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) var1 and (2) keyword paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4806
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264202
|
- |
|
phpalbum
|
phpalbum
|
Directory traversal vulnerability in main.php in phpAlbum 0.4.1.16 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the var1 parameter.
|
CWE-22
Path Traversal
|
CVE-2011-4807
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264203
|
- |
|
joomlaextensions
|
com_hmcommunity
|
SQL injection vulnerability in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a fnd_home action…
|
CWE-89
SQL Injection
|
CVE-2011-4808
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264204
|
- |
|
joomlaextensions
|
com_hmcommunity
|
Multiple cross-site scripting (XSS) vulnerabilities in the HM Community (com_hmcommunity) component before 1.01 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) l…
|
CWE-79
Cross-site Scripting
|
CVE-2011-4809
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264205
|
- |
|
whmcs
|
whmcompletesolution
|
Multiple directory traversal vulnerabilities in WHMCompleteSolution (WHMCS) 3.x and 4.x allow remote attackers to read arbitrary files via the templatefile parameter to (1) submitticket.php and (2) d…
|
CWE-22
Path Traversal
|
CVE-2011-4810
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264206
|
- |
|
bst
|
bestshoppro
|
SQL injection vulnerability in pokaz_podkat.php in BestShopPro allows remote attackers to execute arbitrary SQL commands via the str parameter.
|
CWE-89
SQL Injection
|
CVE-2011-4811
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264207
|
- |
|
bst
|
bestshoppro
|
Cross-site scripting (XSS) vulnerability in nowosci.php in BestShopPro allows remote attackers to inject arbitrary web script or HTML via the str parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-4812
|
2012-02-10 14:00 |
2011-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264208
|
- |
|
realnetworks
|
realplayer realplayer_sp
|
The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows rem…
|
CWE-94
Code Injection
|
CVE-2012-0928
|
2012-02-9 14:00 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264209
|
- |
|
adacore
|
ada_web_services
|
AdaCore Ada Web Services (AWS) before 2.10.2 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a …
|
CWE-20
Improper Input Validation
|
CVE-2012-1035
|
2012-02-9 14:00 |
2012-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264210
|
- |
|
extensionsforjoomla
|
com_vikrealestate
|
Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a re…
|
CWE-89
SQL Injection
|
CVE-2011-4823
|
2012-02-9 14:00 |
2011-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|