Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2011-08-24 CVE-2010-4830 SQL Injection vulnerability in T-Dreams JOB Career Package 3.0
SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career Package 3.0 allows remote attackers to execute arbitrary SQL commands via the z_Residency parameter.
network
low complexity
t-dreams CWE-89
7.5
2011-08-24 CVE-2010-4829 SQL Injection vulnerability in T-Dreams Cars ADS Package 2.0
SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter.
network
low complexity
t-dreams CWE-89
7.5
2011-08-24 CVE-2010-4828 Cross-Site Scripting vulnerability in Solarwinds Orion Network Performance Monitor 10.1
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) InterfaceDetails.aspx; and the (4) ChartName parameter to CustomChart.aspx.
network
solarwinds CWE-79
4.3
2011-08-24 CVE-2010-4827 Cross-Site Scripting vulnerability in Snitz Communications Snitz Forums 2000 3.4.07
Cross-site scripting (XSS) vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to inject arbitrary web script or HTML via the M_NAME parameter.
4.3
2011-08-24 CVE-2010-4826 SQL Injection vulnerability in Snitz Communications Snitz Forums 2000 3.4.07
SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to execute arbitrary SQL commands via the M_NAME parameter.
network
low complexity
snitz-communications CWE-89
7.5
2011-08-24 CVE-2010-4825 Cross-Site Scripting vulnerability in Pleer Wp-Twitter-Feed 0.3.1
Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Twitter Feed plugin (wp-twitter-feed) 0.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter.
4.3
2011-08-24 CVE-2011-3266 Resource Management Errors vulnerability in Wireshark
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.
network
high complexity
wireshark CWE-399
2.6
2011-08-23 CVE-2011-2735 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in EMC Autostart 5.3/5.4
Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.1 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by sending a crafted message over TCP.
7.9
2011-08-23 CVE-2011-2652 Cross-Site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file.
4.3
2011-08-23 CVE-2011-2651 Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename.
network
low complexity
marcus-schafer novell
7.5