SQL injection vulnerability in index.php in Almnzm 2.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/39487 http://packetstormsecurity.org/1004-exploits/almnrzm-sql.txt
Cross-site scripting (XSS) vulnerability in Special:Login in JAMWiki before 0.8.4 allows remote attackers to inject arbitrary web script or HTML via the message parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/39225 http://jamwiki.svn.sourceforge.net/viewvc/jamwiki/wiki/branches/0.8.x/jamwiki-war/src/main/webapp/CHANGELOG.txt?view=markup&revision=2995
SQL injection vulnerability in the XOBBIX (com_xobbix) component 1.0.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the prodid parameter in a prod_desc action to index.php. Date published : 2011-11-22 http://www.securityfocus.com/bid/39259...
Cross-site scripting (XSS) vulnerability in admin/components.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the val[] parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/40374 http://www.securityfocus.com/archive/1/511458/100/0/threaded
Cross-site scripting (XSS) vulnerability in admin/core/admin_func.php in razorCMS 1.0 stable allows remote attackers to inject arbitrary web script or HTML via the content parameter in an edit action to admin/index.php. Date published : 2011-11-22...
Cross-site scripting (XSS) vulnerability in jsp/admin/tools/remote_share.jsp in ManageEngine ADManager Plus 4.4.0 allows remote attackers to inject arbitrary web script or HTML via the computerName parameter. NOTE: the provenance of this information is unknown; the...
SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/39752 http://www.securityfocus.com/archive/1/511454/100/0/threaded
Cross-site scripting (XSS) vulnerability in admin.jcomments.php in the JoomlaTune JComments (com_jcomments) component 2.1.0.0 for Joomla! allows remote authenticated users to inject arbitrary web script or HTML via the name parameter to index.php. Date published...
SQL injection vulnerability in page.php in V-EVA Press Release Script allows remote attackers to execute arbitrary SQL commands via the id parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/40172 http://packetstormsecurity.org/1005-exploits/pressrelease-sql.txt
Cross-site scripting (XSS) vulnerability in admin.php in ecoCMS allows remote attackers to inject arbitrary web script or HTML via the p parameter. Date published : 2011-11-22 http://www.securityfocus.com/bid/39901 http://www.securityfocus.com/archive/1/511117/100/0/threaded
The D-Link DIR-685 router, when certain WPA and WPA2 configurations are used, does not maintain an encrypted wireless network during transfer of a large amount of network traffic, which allows remote attackers to obtain...
The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to...
The UPnP IGD implementation on SpeedTouch 5×6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface,...
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the...