Showing 1 - 1 of 1

CVE-2011-1404

Status Candidate

Overview

Mahara before 1.3.6 does not properly restrict the data in responses to AJAX calls, which allows remote authenticated users to obtain sensitive information via a request associated with (1) blocktype/myfriends/myfriends.json.php, (2) json/usersearch.php, (3) group/membersearchresults.json.php, or (4) json/friendsearch.php, as demonstrated by information about friends and e-mail addresses.

Related Files

Debian Security Advisory 2246-1: Posted May 29, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2246-1 - Several vulnerabilities were discovered in mahara, an electronic portfolio, weblog, and resume builder.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2011-1402, CVE-2011-1403, CVE-2011-1404, CVE-2011-1405, CVE-2011-1406; SHA-256 | ba3a5abdd8001f5ec154d30befa0306d62a84e4263dc60f203fbe254133a260f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 61 files
LiquidWorm 24 files
Debian 18 files
indoushka 15 files
Apple 9 files
Google Security Research 6 files
Gentoo 5 files
Jann Horn 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,156)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,827)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,244)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2011-1404

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems