Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2011-04-10 CVE-2011-1674 Improper Authentication vulnerability in NetGear ProSafe WNAP210 and ProSafe WNAP210 Firmware
The NetGear ProSafe WNAP210 with firmware 2.0.12 allows remote attackers to bypass authentication and obtain access to the configuration page by visiting recreate.php and then visiting index.php.
network
netgear CWE-287
6.8
2011-04-10 CVE-2011-1673 Cryptographic Issues vulnerability in NetGear ProSafe WNAP210 and ProSafe WNAP210 Firmware
BackupConfig.php on the NetGear ProSafe WNAP210 allows remote attackers to obtain the administrator password by reading the configuration file.
network
low complexity
netgear CWE-310
5.0
2011-04-10 CVE-2011-1672 Information Exposure vulnerability in Dell KACE K2000 Systems Deployment Appliance
The Dell KACE K2000 Systems Deployment Appliance 3.3.36822 and earlier contains a peinst CIFS share, which allows remote attackers to obtain sensitive information by reading the (1) unattend.xml or (2) sysprep.inf file, as demonstrated by reading a password.
network
low complexity
dell CWE-200
5.0
2011-04-10 CVE-2011-1089 Configuration vulnerability in GNU Glibc
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296.
local
gnu CWE-16
3.3
2011-04-10 CVE-2011-0994 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Novell File Reporter
Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data.
network
low complexity
novell CWE-119
critical
10.0
2011-04-10 CVE-2011-0765 Privilege Escalation vulnerability in pWhois Layer Four Traceroute 3.0/3.1/3.2
Unspecified vulnerability in lft in pWhois Layer Four Traceroute (LFT) 3.x before 3.3 allows local users to gain privileges via a crafted command line.
local
low complexity
pwhois
7.2
2011-04-10 CVE-2011-1671 Cross-Site Scripting vulnerability in Getontracks Tracks 1.7.2/2.0
Cross-site scripting (XSS) vulnerability in app/controllers/todos_controller.rb in Tracks 1.7.2, 2.0RC2, and 2.0devel allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to todos/tag/.
4.3
2011-04-10 CVE-2011-1670 Cross-Site Scripting vulnerability in A.Kulikov InTerra Blog Machine 1.84
Cross-site scripting (XSS) vulnerability in actions/add.php in InTerra Blog Machine 1.84, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the subject parameter to post_url/edit.
network
a-kulikov CWE-79
4.3
2011-04-10 CVE-2011-1669 Path Traversal vulnerability in Mikoviny WP Custom Pages 0.5.0.1
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.
network
low complexity
mikoviny wordpress CWE-22
5.0
2011-04-10 CVE-2011-1668 Cross-Site Scripting vulnerability in Awcm-Cms AR Web Content Manager 2.1/2.2
Cross-site scripting (XSS) vulnerability in search.php in AR Web Content Manager (AWCM) 2.1, 2.2, and possibly other versions allows remote attackers to inject arbitrary web script or HTML via the search parameter.
network
awcm-cms CWE-79
4.3