Lucene search
K

12 matches found

Nuclei
Nuclei
added 12 hours ago40 views

WebTitan < 3.60 - Local File Inclusion

Directory traversal vulnerability in logs-x.php in SpamTitan WebTitan before 3.60 allows remote authenticated users to read arbitrary files via a .. dot dot in the fname parameter in a view action. id: CVE-2011-4640 info: name: WebTitan 3.60 - Local File Inclusion author: ctflearner severity:...

4CVSS6.1AI score0.07323EPSS
Exploits1References2
Nuclei
Nuclei
added 12 hours ago42 views

Joomla! Component com_kp - 'Controller' Local File Inclusion

A directory traversal vulnerability in the obSuggest comobsuggest component before 1.8 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2011-4804 info: name: Joomla! Component comkp - 'Controller' Local File Inclusion...

5CVSS6.1AI score0.24299EPSS
Exploits2References4
Nuclei
Nuclei
added 12 hours ago41 views

Cisco CUCM, UCCX, and Unified IP-IVR- Directory Traversal

A directory traversal vulnerability in Cisco Unified Communications Manager CUCM 5.x and 6.x before 6.15SU2, 7.x before 7.15bSU2, and 8.x before 8.03, and Cisco Unified Contact Center Express aka Unified CCX or UCCX and Cisco Unified IP Interactive Voice Response Unified IP-IVR before 6.01SR1ES8,...

7.8CVSS6.1AI score0.26393EPSS
Exploits0References4
Nuclei
Nuclei
added 12 hours ago79 views

Orchard 'ReturnUrl' Parameter URI - Open Redirect

Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter. id: CVE-2011-52...

5.8CVSS6.1AI score0.11927EPSS
Exploits1References5
Nuclei
Nuclei
added 2 days ago25 views

Alert Before Your Post <= 0.1.1 - Cross-Site Scripting

A cross-site scripting vulnerability in postalert.php in Alert Before Your Post plugin, possibly 0.1.1 and earlier, for WordPress allows remote attackers to inject arbitrary web script or HTML via the name parameter. id: CVE-2011-5107 info: name: Alert Before Your Post = 0.1.1 - Cross-Site...

4.3CVSS6AI score0.08772EPSS
Exploits1References4
Nuclei
Nuclei
added 3 days ago51 views

Adminimize 1.7.22 - Cross-Site Scripting

A cross-site scripting vulnerability in adminimize/adminimizepage.php in the Adminimize plugin before 1.7.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter. id: CVE-2011-4926 info: name: Adminimize 1.7.22 - Cross-Site Scripting author: daffainf...

4.3CVSS6AI score0.10911EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2011-1462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application...

9.3CVSS8.4AI score0.03923EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2011-2826

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google Chrome before 13.0.782.215 allows remote attackers to bypass the Same Origin Policy via vectors related to empty origins. CVE-2011-2826 Note that Nessus...

7.5CVSS5.6AI score0.0114EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/08/23 2:16 p.m.5 views

CVE-2011-3548 vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-26-openj9...

10CVSS7.2AI score0.03277EPSS
Exploits1
OSV
OSV
added 2012/10/01 11:55 p.m.2 views

DEBIAN-CVE-2011-4945

PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication...

6.9CVSS6.6AI score0.00352EPSS
Exploits0References1
securityvulns
securityvulns
added 2011/12/11 12:0 a.m.42 views

ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-343 December 7, 2011 - -- CVE ID: CVE2011-4260 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...

0.4AI score
Exploits0
OSV
OSV
added 2011/10/02 8:55 p.m.9 views

CVE-2011-3974

Integer signedness error in the decoderesidualinter function in cavsdec.c in libavcodec in FFmpeg before 0.7.4 and 0.8.x before 0.8.3 allows remote attackers to cause a denial of service incorrect write operation and application crash via an invalid bitstream in a Chinese AVS video aka CAVS file,...

6.3AI score0.02502EPSS
Exploits0References6
Rows per page
Query Builder