|
306801
|
- |
|
google
|
chrome
|
Google Chrome before 9.0.597.84 does not properly restrict drag and drop operations, which might allow remote attackers to bypass the Same Origin Policy via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0778
|
2024-11-21 10:24 |
2011-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306802
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in Google Chrome before 9.0.597.84 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to image loading.
|
CWE-416
Use After Free
|
CVE-2011-0777
|
2024-11-21 10:24 |
2011-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306803
|
- |
|
google
|
chrome
|
The sandbox implementation in Google Chrome before 9.0.597.84 on Mac OS X might allow remote attackers to obtain potentially sensitive information about local files via vectors related to the stat sy…
|
CWE-200
Information Exposure
|
CVE-2011-0776
|
2024-11-21 10:24 |
2011-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306804
|
- |
|
pivotx
|
pivotx
|
pivotx/modules/module_image.php in PivotX 2.2.2 allows remote attackers to obtain sensitive information via a non-existent file in the image parameter, which reveals the installation path in an error…
|
CWE-200
Information Exposure
|
CVE-2011-0775
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306805
|
- |
|
pivotx
|
pivotx
|
PivotX before 2.2.2 allows remote attackers to obtain sensitive information via a direct request to (1) includes/ping.php and (2) includes/spamping.php, which reveals the installation path in an erro…
|
CWE-200
Information Exposure
|
CVE-2011-0774
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306806
|
- |
|
pivotx
|
pivotx
|
Cross-site scripting (XSS) vulnerability in pivotx/modules/module_image.php in PivotX before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the image parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2011-0773
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306807
|
- |
|
pivotx
|
pivotx
|
Multiple cross-site scripting (XSS) vulnerabilities in PivotX 2.2.0, and possibly other versions before 2.2.2, allow remote attackers to inject arbitrary web script or HTML via the (1) color paramete…
|
CWE-79
Cross-site Scripting
|
CVE-2011-0772
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306808
|
- |
|
janrain
|
rpx
|
The Janrain Engage (formerly RPX) module 6.x-1.3 for Drupal does not validate the file for a profile image, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks and p…
|
CWE-20
Improper Input Validation
|
CVE-2011-0771
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306809
|
- |
|
tibco
|
rendezvous
enterprise_message_service
runtime_agent
silver_bpm_service
silver_cap_service
silver_businessworks_service
|
Multiple unspecified vulnerabilities in TIBCO Rendezvous 8.2.1 through 8.3.0, Enterprise Message Service (EMS) 5.1.0 through 6.0.0, Runtime Agent (TRA) 5.6.2 through 5.7.0, Silver BPM Service before …
|
NVD-CWE-noinfo
|
CVE-2011-0649
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306810
|
- |
|
mediawiki
|
mediawiki
|
Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly No…
|
CWE-22
Path Traversal
|
CVE-2011-0537
|
2024-11-21 10:24 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
