2011 CVE Vulnerabilities

4,898 CVEs published in 2011.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2011-4678The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts d...
CVE-2011-4677One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier...
CVE-2011-4555One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticate...
CVE-2011-4554One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) a...
CVE-2011-4553Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to ar...
CVE-2011-4552Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbi...
CVE-2011-4130Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute a...
CVE-2011-4675The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (t...
CVE-2011-4543Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary...
CVE-2011-4356Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id dur...
CVE-2011-4162The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless me...
CVE-2011-4052Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio ...
CVE-2011-4051CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require au...
CVE-2011-2397The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted ...
CVE-2011-1932Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers t...
CVE-2011-4674SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows rem...
CVE-2011-4673SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to exe...
CVE-2011-4672Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL...
CVE-2011-4671SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, ...
CVE-2011-4670Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arb...
CVE-2011-4669SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remo...
CVE-2011-4668IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to ...
CVE-2011-4545CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary...
CVE-2011-4036Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earli...
CVE-2011-4035Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 an...

Check if your code is affected by 2011 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now