2011 CVE Vulnerabilities
4,898 CVEs published in 2011.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2011-4678 | — | — | 1.2% | Dec 6, 2011 | The password reset feature in One Click Orgs before 1.2.3 generates different error messages for failed reset attempts d... |
| CVE-2011-4677 | — | — | 1.4% | Dec 6, 2011 | One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier... |
| CVE-2011-4555 | — | — | 1.0% | Dec 6, 2011 | One Click Orgs before 1.2.3 does not require unique e-mail addresses for user accounts, which allows remote authenticate... |
| CVE-2011-4554 | — | — | 1.0% | Dec 6, 2011 | One Click Orgs before 1.2.3 allows remote authenticated users to trigger crafted SMTP traffic via (1) " (double quote) a... |
| CVE-2011-4553 | — | — | 1.0% | Dec 6, 2011 | Multiple open redirect vulnerabilities in One Click Orgs before 1.2.3 allow (1) remote attackers to redirect users to ar... |
| CVE-2011-4552 | — | — | 0.9% | Dec 6, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in One Click Orgs before 1.2.3 allow remote attackers to inject arbi... |
| CVE-2011-4130 | — | — | 12.8% | Dec 6, 2011 | Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute a... |
| CVE-2011-4675 | — | — | 3.4% | Dec 5, 2011 | The pathname canonicalization functionality in io/filesystem/filesystem.cc in Widelands before 15.1 expands leading ~ (t... |
| CVE-2011-4543 | — | — | 2.9% | Dec 5, 2011 | Multiple directory traversal vulnerabilities in osCommerce 3.0.2 allow remote attackers to include and execute arbitrary... |
| CVE-2011-4356 | — | — | 0.3% | Dec 5, 2011 | Celery 2.1 and 2.2 before 2.2.8, 2.3 before 2.3.4, and 2.4 before 2.4.4 changes the effective id but not the real id dur... |
| CVE-2011-4162 | — | — | 8.0% | Dec 5, 2011 | The (1) AddUser, (2) AddUserEx, (3) RemoveUser, (4) RemoveUserByGuide, (5) RemoveUserEx, and (6) RemoveUserRegardless me... |
| CVE-2011-4052 | — | — | 5.9% | Dec 5, 2011 | Stack-based buffer overflow in CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio ... |
| CVE-2011-4051 | — | — | 70.2% | Dec 5, 2011 | CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require au... |
| CVE-2011-2397 | — | — | 5.5% | Dec 5, 2011 | The Agent service in Iron Mountain Connected Backup 8.4 allows remote attackers to execute arbitrary code via a crafted ... |
| CVE-2011-1932 | — | — | 2.0% | Dec 5, 2011 | Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers t... |
| CVE-2011-4674 | — | — | 2.5% | Dec 2, 2011 | SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows rem... |
| CVE-2011-4673 | — | — | 2.2% | Dec 2, 2011 | SQL injection vulnerability in modules/sharedaddy.php in the Jetpack plugin for WordPress allows remote attackers to exe... |
| CVE-2011-4672 | — | — | 1.1% | Dec 2, 2011 | Multiple SQL injection vulnerabilities in Valid tiny-erp 1.6 and earlier allow remote attackers to execute arbitrary SQL... |
| CVE-2011-4671 | — | — | 3.1% | Dec 2, 2011 | SQL injection vulnerability in adrotate/adrotate-out.php in the AdRotate plugin 3.6.6, and other versions before 3.6.8, ... |
| CVE-2011-4670 | — | — | 3.0% | Dec 2, 2011 | Multiple cross-site scripting (XSS) vulnerabilities in vTiger CRM 5.2.1 and earlier allow remote attackers to inject arb... |
| CVE-2011-4669 | — | — | 2.3% | Dec 2, 2011 | SQL injection vulnerability in wp-users.php in WordPress Users plugin 1.3 and possibly earlier for WordPress allows remo... |
| CVE-2011-4668 | — | — | 3.0% | Dec 2, 2011 | IBM Tivoli Netcool/Reporter 2.2 before 2.2.0.8 allows remote attackers to execute arbitrary code via vectors related to ... |
| CVE-2011-4545 | — | — | 3.8% | Dec 2, 2011 | CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary... |
| CVE-2011-4036 | — | — | 2.0% | Dec 2, 2011 | Directory traversal vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earli... |
| CVE-2011-4035 | — | — | 1.3% | Dec 2, 2011 | Cross-site scripting (XSS) vulnerability in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 an... |
Check if your code is affected by 2011 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now