CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
11851 CVE-2011-5316 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action.
11852 CVE-2011-5315 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/index.php in whCMS 0.115 alpha allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action.
11853 CVE-2011-5311 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in pages.php in Wikipad 1.6.0 allows remote attackers to hijack the authentication of administrators for requests that modify pages via the data[text] parameter.
11854 CVE-2011-5306 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in cgi-bin/admin/setup_edit.cgi in CosmoShop ePRO 10.05.00 allows remote attackers to hijack the authentication of administrators for requests that modify settings via a setup action.
11855 CVE-2011-5302 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in adm/admin_edit.php in PHPDug 2.0.0 allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
11856 CVE-2011-5300 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/setup/config/users.php in poMMo Aardvark PR16.1 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via certain admin_ parameters.
11857 CVE-2011-5298 352 CSRF 2015-01-01 2015-01-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Argyle Social 2011-04-26 allow remote attackers to hijack the authentication of administrators for requests that (1) modify credentials via the role parameter to users/create/, (2) modify rules via the terms field in stream_filter_rule JSON data to settings-ajax/stream_filter_rules/create, or (3) modify efforts via the title field in effort JSON data to publish-ajax/efforts/create.
11858 CVE-2011-5294 264 2015-01-01 2015-01-02
6.4
None Remote Low Not required None Partial Partial
The SaveMessage method in the LEADeMail.LEADSmtp.20 ActiveX control in LTCML14n.dll 14.0.0.34 in Kofax e-Transactions Sender Sendbox 2.5.0.933 allows remote attackers to write to arbitrary files via a pathname in the first argument.
11859 CVE-2011-5291 264 2014-12-31 2015-01-02
6.4
None Remote Low Not required None Partial Partial
The SaveData method in the Cygnicon.ViewControl.1 ActiveX control in CyViewer.ocx in Ashampoo 3D CAD Professional 3.x before 3.0.2 allows remote attackers to write to arbitrary files via a pathname in the first argument.
11860 CVE-2011-5290 264 2014-12-31 2015-01-02
6.4
None Remote Low Not required None Partial Partial
The SaveToFile method in the UniBasicPack.UniTextBox ActiveX control in UniBasic100_EDA1811C.ocx in IDrive Online Backup 3.4.0 allows remote attackers to write to arbitrary files via a pathname in the first argument.
11861 CVE-2011-5289 264 2014-12-31 2015-01-02
6.4
None Remote Low Not required None Partial Partial
The SaveDecrypted method in the ChilkatCrypt2.ChilkatOmaDrm.1 ActiveX control in ChilkatCrypt2.dll in aTube Catcher 2.3.570 allows remote attackers to write to arbitrary files via a pathname in the argument.
11862 CVE-2011-5279 20 2014-04-23 2019-07-03
6.4
None Remote Low Not required None Partial Partial
CRLF injection vulnerability in the CGI implementation in Microsoft Internet Information Services (IIS) 4.x and 5.x on Windows NT and Windows 2000 allows remote attackers to modify arbitrary uppercase environment variables via a \n (newline) character in an HTTP header.
11863 CVE-2011-5276 89 Exec Code Sql 2014-03-21 2014-03-21
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain Technologie Control (DTC) before 0.32.11 allows remote authenticated users to execute arbitrary SQL commands via the database_name parameter.
11864 CVE-2011-5273 22 Exec Code Dir. Trav. 2014-03-21 2014-03-21
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal vulnerability in shared/package-installer in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary PHP code via a .. (dot dot) in the pkg parameter in a do_install action to dtc/.
11865 CVE-2011-5272 89 Exec Code Sql 2014-03-21 2014-03-24
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in Domain Technologie Control (DTC) before 0.34.1 allows remote authenticated users to execute arbitrary SQL commands via the vps_note parameter to dtcadmin/logPushlet.php. NOTE: this issue was originally part of CVE-2011-3197, but that ID was SPLIT due to different researchers.
11866 CVE-2011-5259 89 Exec Code Sql 2013-02-12 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in lib/controllers/CentralController.php in OrangeHRM before 2.6.11.2 allows remote attackers to execute arbitrary SQL commands via the id parameter.
11867 CVE-2011-5244 189 DoS Exec Code 2012-11-19 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple off-by-one errors in the (1) token and (2) linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a DVI file containing a crafted Adobe Font Metrics (AFM) file, different vulnerabilities than CVE-2010-2642 and CVE-2011-0433.
11868 CVE-2011-5226 352 CSRF 2012-10-25 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in wordpress_sentinel.php in the Sentinel plugin 1.0.0 for WordPress allows remote attackers to hijack the authentication of an administrator for requests that trigger snapshots.
11869 CVE-2011-5210 22 Dir. Trav. 2012-10-09 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Directory traversal vulnerability in admin/preview.php in Limny 3.0.0 allows remote attackers to read arbitrary files via a ..%2F (encoded dot dot slash) in the theme parameter.
11870 CVE-2011-5157 +Priv 2012-09-06 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Attachmate Reflection before 14.1 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, a related issue to CVE-2011-0107. NOTE: some of these details are obtained from third party information.
11871 CVE-2011-5156 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Effective File Search 6.7 allows local users to gain privileges via a Trojan horse ztvunrar36.dll file in the current working directory, as demonstrated by a directory that contains a .efs file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11872 CVE-2011-5155 +Priv 2012-09-06 2012-09-06
6.3
None Local Medium Not required Complete Complete None
Untrusted search path vulnerability in Help & Manual 5.5.1 Build 1296 allows local users to gain privileges via a Trojan horse ijl15.dll file in the current working directory, as demonstrated by a directory that contains a .hmxz, .hmxp, .hmskin, .hmx, .hm3, .hpj, .hlp, or .chm file. NOTE: some of these details are obtained from third party information.
11873 CVE-2011-5154 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 through 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file. NOTE: some of these details are obtained from third party information.
11874 CVE-2011-5153 +Priv 2012-09-06 2012-09-06
6.3
None Local Medium Not required Complete Complete None
Untrusted search path vulnerability in FotoSlate 4.0 Build 146 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .plp file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11875 CVE-2011-5152 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Multiple untrusted search path vulnerabilities in ACDSee Photo Editor 2008 5.x build 291 allow local users to gain privileges via a Trojan horse (1) Wintab32.dll or (2) CV11-DialogEditor.dll file in the current working directory, as demonstrated by a directory that contains a .apd file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11876 CVE-2011-5151 +Priv 2012-09-06 2012-09-06
6.9
None Local Medium Not required Complete Complete Complete
Untrusted search path vulnerability in ACDSee Picture Frame Manager 1.0 Build 81 allows local users to gain privileges via a Trojan horse ShellIntMgrPFMU.dll file in the current working directory, as demonstrated by a directory that contains a .jpg file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
11877 CVE-2011-5141 22 Dir. Trav. 2012-08-31 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the module parameter in an export_page action.
11878 CVE-2011-5136 20 2012-08-30 2017-08-28
6.4
None Remote Low Not required None Partial Partial
showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.
11879 CVE-2011-5134 Exec Code 2012-08-30 2012-09-13
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the JCE component before 2.0.18 for Joomla! allows remote authenticated users with the author privileges to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php.gif. NOTE: some of these details are obtained from third party information.
11880 CVE-2011-5131 352 CSRF 2012-08-30 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in global.php in MyBB before 1.6.5 allows remote attackers to hijack the authentication of a user for requests that change the user's language via the language parameter.
11881 CVE-2011-5117 362 2012-08-24 2012-08-24
6.9
None Local Medium Not required Complete Complete Complete
Sophos SafeGuard Enterprise Device Encryption 5.x through 5.50.8.13, Sophos SafeGuard Easy Device Encryption Client 5.50.x, and Sophos Disk Encryption 5.50.x have a delay before removal of (1) out-of-date credentials and (2) invalid credentials, which allows physically proximate attackers to defeat the full-disk encryption feature by leveraging knowledge of these credentials.
11882 CVE-2011-5098 264 Bypass 2012-08-08 2012-08-10
6.5
None Remote Low Single system Partial Partial Partial
chef-server-api/app/controllers/clients.rb in Chef Server in Chef before 0.9.20, and 0.10.x before 0.10.6, does not require administrative privileges for creating admin clients, which allows remote authenticated users to bypass intended access restrictions by leveraging read permission for the validation key and executing a knife client create command with the --admin option.
11883 CVE-2011-5093 264 Exec Code Bypass 2012-06-04 2012-06-05
6.5
None Remote Low Single system Partial Partial Partial
Best Practical Solutions RT 4.x before 4.0.6 does not properly implement the DisallowExecuteCode option, which allows remote authenticated users to bypass intended access restrictions and execute arbitrary code by leveraging access to a privileged account, a different vulnerability than CVE-2011-4458 and CVE-2011-5092.
11884 CVE-2011-5090 287 2012-05-23 2017-08-28
6.4
None Remote Low Not required None Partial Partial
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote attackers to modify or delete data via a request to (1) mod_rewrite.php, (2) comment_write_ok.php, (3) poll/index.php, (4) update/index.php, (5) trackback.php, or (6) an arbitrary poll.php script under theme/.
11885 CVE-2011-5086 20 DoS Exec Code 2012-04-18 2012-04-20
6.8
None Remote Medium Not required Partial Partial Partial
https50.ocx in IP*Works! SSL in the server in Unitronics UniOPC before 2.0.0 does not properly implement an unspecified function, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site.
11886 CVE-2011-5078 264 2012-02-08 2012-02-09
6.5
None Remote Low Single system Partial Partial Partial
The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7.0 before ESD# 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP requests, aka Bug IDs 678497 and 678499.
11887 CVE-2011-5074 352 CSRF 2012-01-29 2012-02-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) before 3.65 allow remote attackers to hijack the authentication of administrators for requests that change administrator email, add a new administrator, or insert arbitrary script via (1) user_profile_edit.php or (2) user_add.php.
11888 CVE-2011-5069 Exec Code 2012-01-28 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in incident_attachments.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a different program than CVE-2011-3833.
11889 CVE-2011-5068 352 CSRF 2012-01-28 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via user_delete.php and other unspecified programs.
11890 CVE-2011-5058 264 2012-01-10 2017-08-28
6.4
None Remote Low Not required None Partial Partial
The CmbWebserver.dll module of the Control service in 3S CoDeSys 3.4 SP4 Patch 2 allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory using \ (backslash) characters in an HTTP GET request.
11891 CVE-2011-5054 287 2012-01-06 2017-08-28
6.9
None Local Medium Not required Complete Complete Complete
kcheckpass passes a user-supplied argument to the pam_start function, often within a setuid environment, which allows local users to invoke any configured PAM stack, and possibly trigger unintended side effects, via an arbitrary valid PAM service name, a different vulnerability than CVE-2011-4122. NOTE: the vendor indicates that the possibility of resultant privilege escalation may be "a bit far-fetched."
11892 CVE-2011-5050 89 Exec Code Sql 2012-01-04 2017-08-28
6.0
None Remote Medium Single system Partial Partial Partial
SQL injection vulnerability in corporate/Controller in Elitecore Technologies Cyberoam UTM before 10.01.2 build 059 allows remote authenticated administrators to execute arbitrary SQL commands via the tableid parameter. NOTE: some of these details are obtained from third party information.
11893 CVE-2011-5011 352 CSRF 2011-12-24 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in xt:Commerce 3.0.4 SP2.1 and possibly earlier allow remote attackers to hijack the authentication of Admins for requests that (1) set a New user to Admin via the cID parameter to a statusconfirm action in admin/customers.php and (2) grant permissions to users via the cID parameter to a save action in admin/accounting.php.
11894 CVE-2011-5004 Exec Code 2011-12-24 2012-02-16
6.0
None Remote Medium Single system Partial Partial Partial
Unrestricted file upload vulnerability in models/importcsv.php in the Fabrik (com_fabrik) component before 2.1.1 for Joomla! allows remote authenticated users with Manager privileges to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
11895 CVE-2011-4966 255 2013-03-12 2013-03-19
6.0
None Remote Medium Single system Partial Partial Partial
modules/rlm_unix/rlm_unix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password.
11896 CVE-2011-4962 20 Exec Code 2012-09-17 2012-09-18
6.8
None Remote Medium Not required Partial Partial Partial
code/sitefeatures/PageCommentInterface.php in SilverStripe 2.4.x before 2.4.6 might allow remote attackers to execute arbitrary code via a crafted cookie in a user comment submission, which is not properly handled when it is deserialized.
11897 CVE-2011-4961 264 +Priv 2012-09-17 2012-10-15
6.0
None Remote Medium Single system Partial Partial Partial
SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6 allows remote authenticated users with the EDIT_PERMISSIONS permission to gain administrator privileges via a TreeMultiselectField that includes admin groups when adding a user to the selected groups.
11898 CVE-2011-4959 89 Exec Code Sql 2012-09-17 2012-10-15
6.8
None Remote Medium Not required Partial Partial Partial
SQL injection vulnerability in the addslashes method in SilverStripe 2.3.x before 2.3.12 and 2.4.x before 2.4.6, when connected to a MySQL database using far east character encodings, allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
11899 CVE-2011-4953 20 Exec Code 2014-10-26 2014-10-28
6.8
None Remote Medium Not required Partial Partial Partial
The set_mgmt_parameters function in item.py in cobbler before 2.2.2 allows context-dependent attackers to execute arbitrary code via vectors related to the use of the yaml.load function instead of the yaml.safe_load function, as demonstrated using Puppet.
11900 CVE-2011-4947 352 XSS CSRF 2012-08-31 2017-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.