ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2011-5000 | The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic a... | E | |
CVE-2011-5001 | Stack-based buffer overflow in the CGenericScheduler::AddTask function in cmdHandlerRedAlertControll... | | |
CVE-2011-5002 | Multiple stack-based buffer overflows in Final Draft 8 before 8.02 allow remote attackers to execute... | E | |
CVE-2011-5003 | Stack-based buffer overflow in the Phonetic Indexer (AvidPhoneticIndexer.exe) in Avid Media Composer... | E | |
CVE-2011-5004 | Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component ... | | |
CVE-2011-5005 | Unrestricted file upload vulnerability in QuiXplorer 2.3 and earlier allows remote attackers to exec... | E | |
CVE-2011-5006 | Stack-based buffer overflow in QQPlayer 3.2.845 allows remote attackers to execute arbitrary code vi... | E | |
CVE-2011-5007 | Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier,... | E | |
CVE-2011-5008 | Integer overflow in the GatewayService component in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attacke... | E | |
CVE-2011-5009 | The CmpWebServer.dll module in the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attac... | E | |
CVE-2011-5010 | apps/a3/cfg_ethping.cgi in the Ctek SkyRouter 4200 and 4300 allows remote attackers to execute arbit... | E | |
CVE-2011-5011 | Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly e... | | |
CVE-2011-5012 | Heap-based buffer overflow in the Reflection FTP Client (rftpcom.dll 7.2.0.106 and possibly other ve... | E | |
CVE-2011-5018 | Koala Framework before 2011-11-21 has XSS via the request_uri parameter.... | E S | |
CVE-2011-5019 | Cross-site scripting (XSS) vulnerability in setup/index.php in Textpattern CMS 4.4.1, when the produ... | E | |
CVE-2011-5020 | An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011.... | | |
CVE-2011-5021 | PHPIDS before 0.7 does not properly implement Regular Expression Denial of Service (ReDoS) filters, ... | | |
CVE-2011-5022 | SQL injection vulnerability in search.php in Pligg CMS 1.1.2 allows remote attackers to execute arbi... | E | |
CVE-2011-5023 | Cross-site scripting (XSS) vulnerability in Pligg CMS 1.1.4 allows remote attackers to inject arbitr... | E | |
CVE-2011-5024 | Cross-site scripting (XSS) vulnerability in mmsearch/design in the Mailman/htdig integration patch f... | | |
CVE-2011-5025 | Multiple cross-site scripting (XSS) vulnerabilities in the wiki application in Yaws 1.88 allow remot... | | |
CVE-2011-5026 | Cross-site scripting (XSS) vulnerability in the addPost function in data/functions.php in Winn Guest... | E | |
CVE-2011-5027 | Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject a... | | |
CVE-2011-5028 | Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.... | | |
CVE-2011-5029 | Multiple cross-site scripting (XSS) vulnerabilities in Simple PHP Blog 0.7.0 and possibly earlier al... | | |
CVE-2011-5030 | Cross-site scripting (XSS) vulnerability in the Meta tags quick module 7.x-2.x before 7.x-2.3 for Dr... | S | |
CVE-2011-5031 | Multiple SQL injection vulnerabilities in servlet/capexweb.parentvalidatepassword in cApexWEB 1.1 al... | E | |
CVE-2011-5032 | WMDrive.sys 3.4.181.224 in WinMount 3.5.1018 allows local users to cause a denial of service (NULL p... | | |
CVE-2011-5033 | Stack-based buffer overflow in CFS.c in ConfigServer Security & Firewall (CSF) before 5.43, when run... | E | |
CVE-2011-5034 | Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the a... | | |
CVE-2011-5035 | Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Appl... | | |
CVE-2011-5036 | Rack before 1.1.3, 1.2.x before 1.2.5, and 1.3.x before 1.3.6 computes hash values for form paramete... | E | |
CVE-2011-5037 | Google V8 computes hash values for form parameters without restricting the ability to trigger hash c... | | |
CVE-2011-5038 | SQL injection vulnerability in hitCode hitAppoint 4.5.17 and possibly earlier allows remote attacker... | | |
CVE-2011-5039 | Multiple SQL injection vulnerabilities in Infoproject Biznis Heroj allow remote attackers to execute... | E | |
CVE-2011-5040 | Multiple cross-site scripting (XSS) vulnerabilities in Infoproject Biznis Heroj allow remote attacke... | E | |
CVE-2011-5041 | Multiple cross-site scripting (XSS) vulnerabilities in Pulse Pro CMS 1.7.2 allow remote attackers to... | E | |
CVE-2011-5042 | Cross-site scripting (XSS) vulnerability in inc/lib/lib.base.php in SASHA 0.2.0 allows remote attack... | | |
CVE-2011-5043 | TomatoSoft Free Mp3 Player 1.0 allows remote attackers to cause a denial of service (application cra... | E | |
CVE-2011-5044 | SopCast 3.4.7.45585 uses weak permissions (Everyone:Full Control) for Diagnose.exe, which allows loc... | E | |
CVE-2011-5045 | Cross-site scripting (XSS) vulnerability in details_view.php in PHP Booking Calendar 10e allows remo... | E | |
CVE-2011-5046 | The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP... | E | |
CVE-2011-5047 | Cross-site scripting (XSS) vulnerability in status_rrd_graph.php in pfSense before 2.0.1 allows remo... | | |
CVE-2011-5048 | Multiple cross-site scripting (XSS) vulnerabilities in IBM Web Experience Factory (aka WEF, formerly... | | |
CVE-2011-5049 | MySQL 5.5.8, when running on Windows, allows remote attackers to cause a denial of service (NULL poi... | E | |
CVE-2011-5050 | SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10... | E | |
CVE-2011-5051 | Multiple unrestricted file upload vulnerabilities in the WP Symposium plugin before 11.12.24 for Wor... | | |
CVE-2011-5052 | Stack-based buffer overflow in CoCSoft Stream Down 6.8.0 allows remote web servers to execute arbitr... | E | |
CVE-2011-5053 | The Wi-Fi Protected Setup (WPS) protocol, when the "external registrar" authentication method is use... | | |
CVE-2011-5054 | kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environm... | | |
CVE-2011-5055 | MaraDNS 1.3.07.12 and 1.4.08 computes hash values for DNS data without properly restricting the abil... | S | |
CVE-2011-5056 | The authoritative server in MaraDNS through 2.0.04 computes hash values for DNS data without restric... | S | |
CVE-2011-5057 | Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict ... | | |
CVE-2011-5058 | The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attac... | E | |
CVE-2011-5059 | Stack-based buffer overflow in Final Draft 8 before 8.02 allows remote attackers to execute arbitrar... | | |
CVE-2011-5060 | The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a direc... | S | |
CVE-2011-5061 | functions.php in WHMCompleteSolution (WHMCS) 4.0.x through 5.0.x allows remote attackers to trigger ... | S | |
CVE-2011-5062 | The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x befor... | S | |
CVE-2011-5063 | The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x befor... | S | |
CVE-2011-5064 | DigestAuthenticator.java in the HTTP Digest Access Authentication implementation in Apache Tomcat 5.... | S | |
CVE-2011-5065 | Cross-site scripting (XSS) vulnerability in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.... | | |
CVE-2011-5066 | The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere Applicati... | | |
CVE-2011-5067 | move_uploaded_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users... | | |
CVE-2011-5068 | Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.... | | |
CVE-2011-5069 | Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka ... | | |
CVE-2011-5070 | Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allo... | | |
CVE-2011-5071 | Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.64 allow remo... | | |
CVE-2011-5072 | Multiple SQL injection vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remo... | E | |
CVE-2011-5073 | Multiple cross-site scripting (XSS) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.... | E | |
CVE-2011-5074 | Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) be... | E | |
CVE-2011-5075 | translate.php in Support Incident Tracker (aka SiT!) 3.45 through 3.65 allows remote attackers to ob... | E | |
CVE-2011-5076 | SQL injection vulnerability in model/comment.class.php in HDWiki 5.0, 5.1, and possibly other versio... | | |
CVE-2011-5077 | Unrestricted file upload vulnerability in attachement.php in HDWiki 5.0 allows remote attackers to e... | | |
CVE-2011-5078 | The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7... | | |
CVE-2011-5079 | Open redirect vulnerability in the Modern FAQ (irfaq) extension 1.1.2 and other versions before 1.1.... | S | |
CVE-2011-5080 | Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tceFunc.php in the Additional TC... | | |
CVE-2011-5081 | Cross-site scripting (XSS) vulnerability in RestoreFile.pm in BackupPC 3.1.0, 3.2.1, and possibly ot... | E S | |
CVE-2011-5082 | Cross-site scripting (XSS) vulnerability in the s2Member Pro plugin before 111220 for WordPress allo... | | |
CVE-2011-5083 | Unrestricted file upload vulnerability in inc/swf/swfupload.swf in Dotclear 2.3.1 and 2.4.2 allows r... | E | |
CVE-2011-5084 | Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows ... | S | |
CVE-2011-5085 | Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attacker... | S | |
CVE-2011-5086 | https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before 2.0.0 does not properly imple... | | |
CVE-2011-5087 | Unspecified vulnerability in AdAstrA TRACE MODE Data Center allows remote attackers to read arbitrar... | | |
CVE-2011-5088 | The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the ... | | |
CVE-2011-5089 | Buffer overflow in the Security Login ActiveX controls in ICONICS GENESIS32 8.05, 9.0, 9.1, and 9.2 ... | | |
CVE-2011-5090 | GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain databas... | E | |
CVE-2011-5091 | Multiple SQL injection vulnerabilities in GR Board (aka grboard) 1.8.6.5 Community Edition allow rem... | E | |
CVE-2011-5092 | Best Practical Solutions RT 3.8.x before 3.8.12 and 4.x before 4.0.6 allows remote attackers to exec... | S | |
CVE-2011-5093 | Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode opt... | S | |
CVE-2011-5094 | Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION o... | | |
CVE-2011-5095 | The Diffie-Hellman key-exchange implementation in OpenSSL 0.9.8, when FIPS mode is enabled, does not... | | |
CVE-2011-5096 | Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Applic... | | |
CVE-2011-5097 | chef-server-api/app/controllers/cookbooks.rb in Chef Server in Chef before 0.9.18, and 0.10.x before... | S | |
CVE-2011-5098 | chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0... | E S | |
CVE-2011-5099 | SQL injection vulnerability in helper/popup.php in the ccNewsletter (mod_ccnewsletter) component 1.0... | E | |
CVE-2011-5100 | The web interface in McAfee Firewall Reporter before 5.1.0.13 does not properly implement cookie aut... | | |
CVE-2011-5101 | The Rumor technology in McAfee SaaS Endpoint Protection before 5.2.4 allows remote attackers to rela... | | |
CVE-2011-5102 | The Investigative Reports web interface in the TRITON management console in Websense Web Security 7.... | | |
CVE-2011-5103 | SQL injection vulnerability in Alurian Prismotube PHP Video Script allows remote attackers to execut... | E | |
CVE-2011-5104 | Cross-site scripting (XSS) vulnerability in wpsc-admin/display-sales-logs.php in WP e-Commerce plugi... | E S | |
CVE-2011-5105 | Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in ZOHO ManageEngine ADSelf... | E | |
CVE-2011-5106 | Cross-site scripting (XSS) vulnerability in edit-post.php in the Flexible Custom Post Type plugin be... | E S | |
CVE-2011-5107 | Cross-site scripting (XSS) vulnerability in post_alert.php in Alert Before Your Post plugin, possibl... | E | |
CVE-2011-5108 | Cross-site scripting (XSS) vulnerability in config.php in AdaptCMS 2.0.0 and 2.0.1 allows remote att... | E | |
CVE-2011-5109 | Multiple SQL injection vulnerabilities in Freelancer calendar 1.01 and earlier allow remote attacker... | E | |
CVE-2011-5110 | Multiple SQL injection vulnerabilities in Blogs Manager 1.101 and earlier allow remote attackers to ... | E | |
CVE-2011-5111 | Multiple SQL injection vulnerabilities in Kajian Website CMS Balitbang 3.x allow remote attackers to... | E | |
CVE-2011-5112 | SQL injection vulnerability in Alameda (com_alameda) component before 1.0.1 for Joomla! allows remot... | E | |
CVE-2011-5113 | SQL injection vulnerability in frontend/models/techfoliodetail.php in Techfolio (com_techfolio) comp... | E | |
CVE-2011-5114 | Multiple cross-site scripting (XSS) vulnerabilities in the Authoritative DNS - DNS Zones page in Bar... | | |
CVE-2011-5115 | Cross-site scripting (XSS) vulnerability in DLGuard, possibly 4.6 and earlier, allows remote attacke... | E | |
CVE-2011-5116 | SQL injection vulnerability in setseed-hub in SetSeed CMS 5.8.20, 5.11.2, and earlier allows remote ... | E | |
CVE-2011-5117 | Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device En... | S | |
CVE-2011-5118 | Multiple race conditions in Comodo Internet Security before 5.8.213334.2131 allow local users to byp... | | |
CVE-2011-5119 | Multiple race conditions in Comodo Internet Security before 5.8.211697.2124 allow local users to byp... | | |
CVE-2011-5120 | The Antivirus component in Comodo Internet Security before 5.4.189822.1355 allows remote attackers t... | | |
CVE-2011-5121 | The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not properly check w... | | |
CVE-2011-5122 | The Antivirus component in Comodo Internet Security before 5.3.175888.1227 allows remote attackers t... | | |
CVE-2011-5123 | The Antivirus component in Comodo Internet Security before 5.3.175888.1227 does not check whether X.... | | |
CVE-2011-5124 | Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG ... | | |
CVE-2011-5125 | Cross-site scripting (XSS) vulnerability in Blue Coat Director before 5.5.2.3 allows remote attacker... | | |
CVE-2011-5126 | Blue Coat ProxySG 6.1 before SGOS 6.1.5.1 and 6.2 before SGOS 6.2.2.1 writes the secure heap to core... | | |
CVE-2011-5127 | Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1,... | | |
CVE-2011-5128 | Multiple cross-site scripting (XSS) vulnerabilities in the Adminimize plugin before 1.7.22 for WordP... | S | |
CVE-2011-5129 | Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of s... | E | |
CVE-2011-5130 | dev/less.php in Family Connections CMS (FCMS) 2.5.0 - 2.7.1, when register_globals is enabled, allow... | E | |
CVE-2011-5131 | Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote att... | | |
CVE-2011-5132 | Cross-site scripting (XSS) vulnerability in MyBB before 1.6.5 allows remote attackers to inject arbi... | | |
CVE-2011-5133 | Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an ... | | |
CVE-2011-5134 | Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component be... | | |
CVE-2011-5135 | Multiple SQL injection vulnerabilities in the save_connection function in lib/lib.iotask.php in the ... | E | |
CVE-2011-5136 | showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwri... | E | |
CVE-2011-5137 | Multiple SQL injection vulnerabilities in tForum b0.915 allow remote attackers to execute arbitrary ... | E | |
CVE-2011-5138 | Cross-site scripting (XSS) vulnerability in member.php in tForum b0.915 allows remote attackers to i... | E | |
CVE-2011-5139 | SQL injection vulnerability in page.php in Pre Studio Business Cards Designer allows remote attacker... | E | |
CVE-2011-5140 | Multiple SQL injection vulnerabilities in the blog module 1.0 for DiY-CMS allow remote attackers to ... | E | |
CVE-2011-5141 | Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM)... | E | |
CVE-2011-5142 | Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and... | E | |
CVE-2011-5143 | Multiple cross-site scripting (XSS) vulnerabilities in Open Business Management (OBM) 2.3.20 and pro... | | |
CVE-2011-5144 | Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuratio... | E | |
CVE-2011-5145 | Multiple SQL injection vulnerabilities in Open Business Management (OBM) 2.4.0-rc13 and probably ear... | E | |
CVE-2011-5146 | Bokken before 1.6 and 1.5-x before 1.5-3 for Debian allows local users to overwrite arbitrary files ... | S | |
CVE-2011-5147 | Static code injection vulnerability in ajax_save_name.php in the Ajax File Manager module in the tin... | E | |
CVE-2011-5148 | Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) m... | E | |
CVE-2011-5149 | Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.08 and earlier allow remote attac... | E | |
CVE-2011-5150 | Multiple cross-site scripting (XSS) vulnerabilities in SpamTitan 5.07 and possibly earlier allow rem... | | |
CVE-2011-5151 | Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users ... | | |
CVE-2011-5152 | Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local... | | |
CVE-2011-5153 | Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges... | | |
CVE-2011-5154 | Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI ... | | |
CVE-2011-5155 | Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain pri... | | |
CVE-2011-5156 | Untrusted search path vulnerability in Effective File Search 6.7 allows local users to gain privileg... | | |
CVE-2011-5157 | Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to g... | | |
CVE-2011-5158 | Multiple untrusted search path vulnerabilities in the DMTGUI2.EXE and DvInesLogFileViewer.Exe compon... | E | |
CVE-2011-5159 | Cross-site scripting (XSS) vulnerability in admin/configuration.php in Geeklog before 1.7.1sr1 allow... | | |
CVE-2011-5160 | Cross-site scripting (XSS) vulnerability in setup.php in OpenEMR 4 allows remote attackers to inject... | E | |
CVE-2011-5161 | Unrestricted file upload vulnerability in the patient photograph functionality in OpenEMR 4 allows r... | E | |
CVE-2011-5162 | Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execu... | E | |
CVE-2011-5163 | Buffer overflow in an unspecified third-party component in the Batch module for Schneider Electric C... | | |
CVE-2011-5164 | Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP s... | E | |
CVE-2011-5165 | Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allo... | E | |
CVE-2011-5166 | Multiple stack-based buffer overflows in KnFTP 1.0.0 allow remote attackers to execute arbitrary cod... | E | |
CVE-2011-5167 | Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (T... | E | |
CVE-2011-5168 | SQL injection vulnerability in user.php in Banana Dance before B.1.5 allows remote attackers to exec... | E | |
CVE-2011-5169 | SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWal... | E | |
CVE-2011-5170 | Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execu... | E | |
CVE-2011-5171 | Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow r... | E | |
CVE-2011-5172 | Stack-based buffer overflow in StoryBoard Quick 6 Build 3786, and possibly StoryBoard Artist and Sto... | E | |
CVE-2011-5173 | Buffer overflow in Bugbear Entertainment FlatOut 2005 allows user-assisted remote attackers to cause... | E | |
CVE-2011-5174 | Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) i... | | |
CVE-2011-5175 | SQL injection vulnerability in search.php in Banana Dance, possibly B.1.5 and earlier, allows remote... | E | |
CVE-2011-5176 | Multiple cross-site scripting (XSS) vulnerabilities in search.php in Banana Dance, possibly B.1.5 an... | | |
CVE-2011-5177 | Multiple cross-site scripting (XSS) vulnerabilities in admin/controller.php in eSyndiCat Pro 2.3.05 ... | E | |
CVE-2011-5178 | Multiple cross-site scripting (XSS) vulnerabilities in netmri/config/userAdmin/login.tdf in Infoblox... | E | |
CVE-2011-5179 | Cross-site scripting (XSS) vulnerability in skysa-official/skysa.php in Skysa App Bar Integration pl... | E | |
CVE-2011-5180 | Cross-site scripting (XSS) vulnerability in wp-1pluginjquery.php in the ZooEffect plugin 1.01 for Wo... | E | |
CVE-2011-5181 | Cross-site scripting (XSS) vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plug... | E | |
CVE-2011-5182 | Cross-site scripting (XSS) vulnerability in lanoba-social-plugin/index.php in the Lanoba Social plug... | E | |
CVE-2011-5183 | Multiple SQL injection vulnerabilities in OrderSys 1.6.4 and earlier allow remote attackers to execu... | E | |
CVE-2011-5184 | Multiple cross-site scripting (XSS) vulnerabilities in HP Network Node Manager i 9.10 allow remote a... | E | |
CVE-2011-5185 | Cross-site scripting (XSS) vulnerability in video_comments.php in Online Subtitles Workshop before 2... | E S | |
CVE-2011-5186 | Cross-site scripting (XSS) vulnerability in jbshop.php in the jbShop plugin for e107 7 allows remote... | E | |
CVE-2011-5187 | Cross-site scripting (XSS) vulnerability in the Support Ticketing System module 6.x-1.x before 6.x-1... | S | |
CVE-2011-5188 | Cross-site scripting (XSS) vulnerability in the Support Timer module 6.x-1.x before 6.x-1.4 for Drup... | S | |
CVE-2011-5189 | Cross-site scripting (XSS) vulnerability in the Webform Validation module 6.x-1.x before 6.x-1.5 and... | S | |
CVE-2011-5190 | Multiple cross-site scripting (XSS) vulnerabilities in Social Book Facebook Clone 2010 allow remote ... | E | |
CVE-2011-5191 | Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.4 f... | E S | |
CVE-2011-5192 | Cross-site scripting (XSS) vulnerability in pretty-bar.php in Pretty Link Lite plugin before 1.5.6 f... | E S | |
CVE-2011-5193 | Cross-site scripting (XSS) vulnerability in vendors/samswhois/samswhois.inc.php in the Whois Search ... | | |
CVE-2011-5194 | Cross-site scripting (XSS) vulnerability in vendors/samswhois/samswhois.inc.php in the Whois Search ... | E S | |
CVE-2011-5195 | Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Proj... | E | |
CVE-2011-5196 | Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Proj... | E | |
CVE-2011-5197 | Cross-site request forgery (CSRF) vulnerability in index/manager/fileUpload in Public Knowledge Proj... | E | |
CVE-2011-5198 | SQL injection vulnerability in search.php in Neturf eCommerce Shopping Cart allows remote attackers ... | E | |
CVE-2011-5199 | Cross-site scripting (XSS) vulnerability in sign.php in tinyguestbook allows remote attackers to inj... | E | |
CVE-2011-5200 | Multiple SQL injection vulnerabilities in DeDeCMS, possibly 5.6, allow remote attackers to execute a... | E | |
CVE-2011-5201 | Multiple SQL injection vulnerabilities in sign.php in tinyguestbook allow remote attackers to execut... | E S | |
CVE-2011-5202 | BazisVirtualCDBus.sys in WinCDEmu 3.6 allows local users to cause a denial of service (system crash)... | | |
CVE-2011-5203 | SQL injection vulnerability in WB/Default.asp in Akiva WebBoard before 8 SR 1 allows remote attacker... | E | |
CVE-2011-5204 | Akiva WebBoard 8.x stores passwords in plaintext, which allows local users to obtain sensitive infor... | E | |
CVE-2011-5205 | Cross-site scripting (XSS) vulnerability in audl.php in Rapidleech 2.3 rev42 SVN r358, rev43 SVN r39... | E | |
CVE-2011-5206 | Cross-site scripting (XSS) vulnerability in notes.php in Rapidleech before 2.3 rev42 SVN r399 allows... | E | |
CVE-2011-5207 | Cross-site scripting (XSS) vulnerability in admin/OptionsPostsList.php in the TheCartPress plugin fo... | E | |
CVE-2011-5208 | Multiple directory traversal vulnerabilities in the BackWPup plugin before 1.4.1 for WordPress allow... | E | |
CVE-2011-5209 | Cross-site scripting (XSS) vulnerability in search/ in GraphicsClone Script, possibly 1.11, allows r... | E | |
CVE-2011-5210 | Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to rea... | E S | |
CVE-2011-5211 | Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attac... | E | |
CVE-2011-5212 | SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execu... | E | |
CVE-2011-5213 | Multiple SQL injection vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote attackers to ... | E | |
CVE-2011-5214 | Multiple cross-site scripting (XSS) vulnerabilities in BrowserCRM 5.100.01 and earlier allow remote ... | E | |
CVE-2011-5215 | SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execut... | E | |
CVE-2011-5216 | SQL injection vulnerability in ajax.php in SCORM Cloud For WordPress plugin before 1.0.7 for WordPre... | E | |
CVE-2011-5217 | Directory traversal vulnerability in the PXE Mtftp service in Hitachi JP1/ServerConductor/Deployment... | | |
CVE-2011-5218 | SQL injection vulnerability in DotA OpenStats 1.3.9 and earlier allows remote attackers to execute a... | E | |
CVE-2011-5219 | Directory traversal vulnerability in examples/show_code.php in mPDF 5.3 and earlier allows remote at... | E | |
CVE-2011-5220 | Cross-site scripting (XSS) vulnerability in templates/default/Admin/Login.html in PHP-SCMS 1.6.8 and... | E | |
CVE-2011-5221 | Cross-site scripting (XSS) vulnerability in the getLog function in svnlook.php in WebSVN before 2.3.... | E | |
CVE-2011-5222 | SQL injection vulnerability in rub2_w.php in PHP Flirt-Projekt 4.8 and possibly earlier allows remot... | E | |
CVE-2011-5223 | Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote a... | | |
CVE-2011-5224 | SQL injection vulnerability in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to ex... | S | |
CVE-2011-5225 | Cross-site scripting (XSS) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for ... | | |
CVE-2011-5226 | Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0... | | |
CVE-2011-5227 | Stack-based buffer overflow in the Syslog service (nssyslogd.exe) in Enterasys Network Management Su... | | |
CVE-2011-5228 | Cross-site scripting (XSS) vulnerability in the Search module (quickstart/search) in appRain CMF 0.1... | E | |
CVE-2011-5229 | SQL injection vulnerability in quickstart/profile/index.php in the Forum module in appRain CMF 0.1.5... | E | |
CVE-2011-5230 | Multiple SQL injection vulnerabilities in the selectUserIdByLoginPass function in seotoaster_core/ap... | E | |
CVE-2011-5231 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0023. Reason: This candida... | R | |
CVE-2011-5232 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-0025. Reason: This candida... | R | |
CVE-2011-5233 | Heap-based buffer overflow in IrfanView before 4.32 allows remote attackers to execute arbitrary cod... | E | |
CVE-2011-5234 | SQL injection vulnerability in user.php in Social Network Community 2 allows remote attackers to exe... | | |
CVE-2011-5235 | SQL injection vulnerability in mnoGoSearch before 3.3.12 allows remote attackers to execute arbitrar... | | |
CVE-2011-5236 | Moneris eSelectPlus 2.03 PHP API does not verify that the server hostname matches a domain name in t... | | |
CVE-2011-5237 | PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject's C... | | |
CVE-2011-5238 | google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a doma... | S | |
CVE-2011-5239 | CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname matches a domain name in the subjec... | | |
CVE-2011-5240 | Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the subject'... | | |
CVE-2011-5241 | Services_Twitter 0.6.3 does not verify that the server hostname matches a domain name in the subject... | | |
CVE-2011-5242 | tmhOAuth before 0.61 does not verify that the server hostname matches a domain name in the subject's... | | |
CVE-2011-5243 | TwitterOAuth does not verify that the server hostname matches a domain name in the subject's Common ... | | |
CVE-2011-5244 | Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmp... | | |
CVE-2011-5245 | The readFrom function in providers.jaxb.JAXBXmlTypeProvider in RESTEasy before 2.3.2 allows remote a... | S | |
CVE-2011-5247 | Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field Re... | | |
CVE-2011-5249 | Cross-site scripting (XSS) vulnerability in the events page in the System iNtrusion Analysis and Rep... | | |
CVE-2011-5250 | Snare for Linux before 1.7.0 has CSRF in the web interface.... | | |
CVE-2011-5251 | Open redirect vulnerability in forum/login.php in vBulletin 4.1.3 and earlier allows remote attacker... | | |
CVE-2011-5252 | Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1... | E | |
CVE-2011-5253 | Dl Download Ticket Service 0.3 through 0.9 allows remote attackers to login as an arbitrary user by ... | | |
CVE-2011-5254 | Unspecified vulnerability in the Connections plugin before 0.7.1.6 for WordPress has unknown impact ... | | |
CVE-2011-5255 | Multiple cross-site scripting (XSS) vulnerabilities in admin/login in X3 CMS 0.4.3.1 and earlier all... | E | |
CVE-2011-5256 | Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-2011... | | |
CVE-2011-5257 | Multiple cross-site scripting (XSS) vulnerabilities in the Classipress theme before 3.1.5 for WordPr... | E | |
CVE-2011-5258 | Multiple cross-site scripting (XSS) vulnerabilities in OrangeHRM before 2.6.11.2 allow remote attack... | E | |
CVE-2011-5259 | SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 al... | E | |
CVE-2011-5260 | Cross-site scripting (XSS) vulnerability in SAP/BW/DOC/METADATA in SAP NetWeaver allows remote attac... | E | |
CVE-2011-5261 | Cross-site scripting (XSS) vulnerability in serverreport.cgi in Axis M10 Series Network Cameras M105... | E | |
CVE-2011-5262 | SQL injection vulnerability in prodpage.cfm in SonicWALL Aventail allows remote attackers to execute... | E | |
CVE-2011-5263 | Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier a... | E | |
CVE-2011-5264 | Cross-site scripting (XSS) vulnerability in lazyest-backup.php in the Lazyest Backup plugin before 0... | E S | |
CVE-2011-5265 | Cross-site scripting (XSS) vulnerability in cached_image.php in the Featurific For WordPress plugin ... | | |
CVE-2011-5266 | Imperva SecureSphere Web Application Firewall (WAF) before 12-august-2010 allows SQL injection filte... | E | |
CVE-2011-5267 | Multiple cross-site scripting (XSS) vulnerabilities in spell-check-savedicts.php in the SpellChecker... | E S | |
CVE-2011-5268 | connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to c... | S | |
CVE-2011-5269 | Cross-site scripting (XSS) vulnerability in ProjectForge before 3.5.3 allows remote authenticated us... | | |
CVE-2011-5270 | wp-admin/press-this.php in WordPress before 3.0.6 does not enforce the publish_posts capability requ... | E S | |
CVE-2011-5271 | Pacemaker before 1.1.6 configure script creates temporary files insecurely... | S | |
CVE-2011-5272 | SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenti... | | |
CVE-2011-5273 | Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) be... | | |
CVE-2011-5274 | The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie ... | | |
CVE-2011-5275 | The install script in Domain Technologie Control (DTC) before 0.34.1 gives sudo permissions for chro... | | |
CVE-2011-5276 | SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/pack... | | |
CVE-2011-5277 | Multiple SQL injection vulnerabilities in signature.php in the Advanced Forum Signatures (aka afsign... | E | |
CVE-2011-5278 | SQL injection vulnerability in signature.php in Advanced Forum Signatures plugin (aka afsignatures) ... | E | |
CVE-2011-5279 | CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (I... | E | |
CVE-2011-5280 | Multiple stack-based buffer overflows in BOINC 6.13.x allow remote attackers to cause a denial of se... | | |
CVE-2011-5282 | mIRC prior to 7.22 has a message leak because chopping of outbound messages is mishandled.... | | |
CVE-2011-5283 | Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi... | E | |
CVE-2011-5284 | Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shu... | E | |
CVE-2011-5285 | Multiple cross-site scripting (XSS) vulnerabilities in BugFree 2.1.3 allow remote attackers to injec... | E | |
CVE-2011-5286 | SQL injection vulnerability in social-slider-2/ajax.php in the Social Slider plugin before 7.4.2 for... | E | |
CVE-2011-5287 | Multiple cross-site scripting (XSS) vulnerabilities in HESK before 2.4.1 allow remote attackers to i... | E | |
CVE-2011-5288 | Multiple buffer overflows in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in... | E | |
CVE-2011-5289 | The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll i... | E | |
CVE-2011-5290 | The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100_EDA1811C.ocx in ... | E | |
CVE-2011-5291 | The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD... | E | |
CVE-2011-5292 | The EaseWeFtp.FtpLibrary ActiveX control in EaseWeFtp.ocx in Easewe FTP OCX 4.5.0.9 does not restric... | E | |
CVE-2011-5293 | The cmdSave method in the ThreeDify.ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll in ThreeD... | E | |
CVE-2011-5294 | The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in LTCML14n.dll 14.0.0.34 in Kof... | E | |
CVE-2011-5295 | Buffer overflow in the Download method in a certain ActiveX control in MDIEEx.dll in Gogago YouTube ... | E | |
CVE-2011-5296 | Cross-site scripting (XSS) vulnerability in profilo.php in Happy Chat 1.0 allows remote attackers to... | E | |
CVE-2011-5297 | Multiple cross-site scripting (XSS) vulnerabilities in TTChat 1.0.4 allow remote attackers to inject... | E | |
CVE-2011-5298 | Multiple cross-site request forgery (CSRF) vulnerabilities in Argyle Social 2011-04-26 allow remote ... | E | |
CVE-2011-5299 | Multiple cross-site scripting (XSS) vulnerabilities in poMMo Aardvark PR16.1 allow remote attackers ... | E | |
CVE-2011-5300 | Cross-site request forgery (CSRF) vulnerability in admin/setup/config/users.php in poMMo Aardvark PR... | E | |
CVE-2011-5301 | Multiple cross-site scripting (XSS) vulnerabilities in PHPDug 2.0.0 allow remote attackers to inject... | E | |
CVE-2011-5302 | Cross-site request forgery (CSRF) vulnerability in adm/admin_edit.php in PHPDug 2.0.0 allows remote ... | E | |
CVE-2011-5303 | Cross-site scripting (XSS) vulnerability in Spitfire CMS 1.0.436 allows remote attackers to inject a... | E | |
CVE-2011-5304 | Multiple cross-site scripting (XSS) vulnerabilities in the Sodahead Polls plugin before 2.0.4 for Wo... | E | |
CVE-2011-5305 | Multiple cross-site scripting (XSS) vulnerabilities in CosmoShop ePRO 10.05.00 allow remote attacker... | E | |
CVE-2011-5306 | Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/setup_edit.cgi in CosmoShop ePRO 10... | E | |
CVE-2011-5307 | Cross-site scripting (XSS) vulnerability in index.php in the PhotoSmash plugin 1.0.1 for WordPress a... | E | |
CVE-2011-5308 | Multiple SQL injection vulnerabilities in cdnvote-post.php in the cdnvote plugin before 0.4.2 for Wo... | E | |
CVE-2011-5309 | Cross-site scripting (XSS) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to in... | E | |
CVE-2011-5310 | Directory traversal vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to read arbi... | E | |
CVE-2011-5311 | Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipad 1.6.0 allows remote attacker... | E | |
CVE-2011-5312 | Multiple cross-site scripting (XSS) vulnerabilities in Gollos 2.8 allow remote attackers to inject a... | E | |
CVE-2011-5313 | Multiple SQL injection vulnerabilities in includes/password.php in Redaxscript 0.3.2 allow remote at... | E | |
CVE-2011-5314 | templates/default/index.php in Redaxscript 0.3.2 allows remote attackers to obtain sensitive informa... | E | |
CVE-2011-5315 | Cross-site request forgery (CSRF) vulnerability in admin/index.php in whCMS 0.115 alpha allows remot... | E | |
CVE-2011-5316 | Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows... | E | |
CVE-2011-5317 | Cross-site scripting (XSS) vulnerability in editText.php in WonderCMS before 0.4 allows remote attac... | | |
CVE-2011-5318 | Multiple cross-site request forgery (CSRF) vulnerabilities in diafan.CMS before 5.1 allow remote att... | E | |
CVE-2011-5319 | content/renderer/device_sensors/device_motion_event_pump.cc in Google Chrome before 41.0.2272.76 doe... | | |
CVE-2011-5320 | scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (seg... | E | |
CVE-2011-5321 | The tty_open function in drivers/tty/tty_io.c in the Linux kernel before 3.1.1 mishandles a driver-l... | | |
CVE-2011-5322 | GE Healthcare Centricity Analytics Server 1.1 has a default password of (1) V0yag3r for the SQL Serv... | | |
CVE-2011-5323 | GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly other versions has a password of A11... | | |
CVE-2011-5324 | The TeraRecon server, as used in GE Healthcare Centricity PACS-IW 3.7.3.7, 3.7.3.8, and possibly oth... | | |
CVE-2011-5325 | Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remot... | E | |
CVE-2011-5326 | imlib2 before 1.4.9 allows remote attackers to cause a denial of service (divide-by-zero error and a... | | |
CVE-2011-5327 | In the Linux kernel before 3.1, an off by one in the drivers/target/loopback/tcm_loop.c tcm_loop_mak... | S | |
CVE-2011-5328 | The user-access-manager plugin before 1.2 for WordPress has CSRF.... | | |
CVE-2011-5329 | The redirection plugin before 2.2.9 for WordPress has XSS in the admin menu, a different issue than ... | | |
CVE-2011-5330 | Distributed Ruby (aka DRuby) 1.8 mishandles the sending of syscalls.... | E | |
CVE-2011-5331 | Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.... | E | |
CVE-2011-5370 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5370. Reason: This candidat... | R | |
CVE-2011-5371 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5371. Reason: This candidat... | R | |
CVE-2011-5372 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5372. Reason: This candidat... | R | |
CVE-2011-5373 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-5373. Reason: This candidat... | R | |