Koala Framework Cross-Site Scripting Vulnerability
Koala Framework is a web application framework. A cross-site scripting vulnerability exists in Koala Framework versions prior to 2011-11-21. The vulnerability stems from a lack of proper validation of client-side data by the web application. An attacker can exploit this vulnerability to execute...
CVE-2011-5018
Koala Framework before 2011-11-21 has XSS via the requesturi parameter...
Ruby OpenSSL extension encryption issue vulnerability
Ruby is a cross-platform, object-oriented, dynamically typed programming language from the software developer Yukihiro Matsumoto. The OpenSSL extension is an OpenSSL security extension used in it. A cryptographic issue exists in the OpenSSL extension in Ruby versions 2011-09-01 through 2011-11-03,...
phpMyAdmin 3.4.x < 3.4.3.2 Multiple Directory Traversal Vulnerabilities (PMASA-2011-10, PMASA-2011-11) - Linux
phpMyAdmin is prone to multiple directory traversal vulnerabilities...
Amazon Linux: Security Advisory (ALAS-2011-11)
The remote host is missing an update for the...
IrfanView FlashPix PlugIn Double-Free Vulnerability
No description provided by source. Application: IrfanView FlashPix PlugIn Double-Free Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47322 PRL: 2011-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020006 Buffer Overflow
This module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 without Hotfix CPVS56SP1E043 by sending a malformed packet with the opcode 0x40020006 (GetObjetsRequest) to the 6905/UDP port. The module, which allows code execution under the context of SYSTEM, has been...
Cyberoam UTM Multiple Vulnerabilities
Exploit for hardware platform in category web applications Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and...
IrfanView FlashPix PlugIn - Double-Free
IrfanView FlashPix PlugIn - Double-Free Application: IrfanView FlashPix PlugIn Double-Free Vulnerability Platforms: Windows Exploitation: Remote code execution Secunia Number: SA47322 PRL: 2011-11 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter:...
Solaris 10 (x86) : 147989-01 (deprecated)
SunOS 5.10x86: gifload patch. Date this patch was last updated by Sun : Nov/28/11 This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/11/20...
CVE-2011-5259
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-30 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36381... |
Adapt CMS 2.0.1 SQL Injection
Title: Adapt CMS v2.0.1 - SQL Injection Vulnerability
Date: 2011-11-25
References: http://www.vulnerability-lab.com/getcontent.php?id=341
VL-ID: 341
Introduction: AdaptCMS is brought to you by Insane Visions, with the v2.0.1 versions being the first bi...
CVE-2011-5111
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-24 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36350 |
| 2011-11-24 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36351... |
Yahoo! Small Business Directory Traversal
Yahoo! smallbusiness Directory Traversal...
CVE-2011-4926
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-21 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36325... |
CVE-2009-1523
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-18 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36318... |
CVE-2011-5105
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-17 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36316... |
CVE-2011-4334
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-09 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/18100... |
Calibre E-Book Reader - Local Privilege Escalation (3)
Calibre E-Book Reader - Local Privilege Escalation 3 / .80 Calibrer Assault Mount by zx2c4 Yesterday's assault mount used inotify to mount into /etc/pam.d. Today we expand the attack by adding a race toggler so we can mount from non-block devices. Enjoy. - zx2c4 2011-11-4 greets to djrbliss /...
CVE-2011-3336
| creationtimestamp | type | source |
|---|---|---|
| 2011-11-04 00:00:00+00:00 | confirmed | https://www.exploit-db.com/exploits/36288 |
| 2020-02-12 22:37:19+00:00 | seen | https://t.me/cibsecurity/9800... |