Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-10-08 | CVE-2010-4894 | SQL Injection vulnerability in Chillycms 1.1.3 SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execute arbitrary SQL commands via the name parameter. | 7.5 |
| 2011-10-08 | CVE-2010-4893 | Cross-Site Scripting vulnerability in Festengine Festos 2.3B Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers to inject arbitrary web script or HTML via the category parameter in a details action. | 4.3 |
| 2011-10-08 | CVE-2011-3598 | Cross-Site Scripting vulnerability in PHPpgadmin Multiple cross-site scripting (XSS) vulnerabilities in phpPgAdmin before 5.0.3 allow remote attackers to inject arbitrary web script or HTML via (1) a web page title, related to classes/Misc.php; or the (2) return_url or (3) return_desc parameter to display.php. | 4.3 |
| 2011-10-08 | CVE-2011-2663 | Buffer Errors vulnerability in Novell Groupwise 8.0 Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message. | 10.0 |
| 2011-10-08 | CVE-2011-2662 | Numeric Errors vulnerability in Novell Groupwise 8.0 Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message. | 10.0 |
| 2011-10-08 | CVE-2011-2661 | Cross-Site Scripting vulnerability in Novell Groupwise 8.0 Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter. | 4.3 |
| 2011-10-08 | CVE-2011-2227 | Cross-Site Scripting vulnerability in Novell products Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603. | 4.3 |
| 2011-10-08 | CVE-2011-2219 | Unspecified vulnerability in Novell Groupwise 8.0 Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218. | 5.0 |
| 2011-10-08 | CVE-2011-2218 | Unspecified vulnerability in Novell Groupwise 8.0 Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219. | 5.0 |
| 2011-10-08 | CVE-2011-1696 | Cross-Site Scripting vulnerability in Novell products Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972. | 4.3 |