|
275411
|
- |
|
phpmyadmin
|
phpmyadmin
|
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-7251
|
2010-05-6 13:00 |
2010-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275412
|
- |
|
openttd
|
openttd
|
OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code v…
|
CWE-94
Code Injection
|
CVE-2010-0402
|
2010-05-5 22:22 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275413
|
- |
|
mochasoft
|
mocha_w32_lpd
|
Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOT…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1687
|
2010-05-5 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275414
|
- |
|
joomlacomponent.inetlanka
|
com_drawroot
|
Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified othe…
|
CWE-22
Path Traversal
|
CVE-2010-1723
|
2010-05-5 13:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275415
|
- |
|
cisco
|
router_and_security_device_manager
|
Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0594
|
2010-05-5 01:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275416
|
- |
|
rocky.nu
|
php_video_battle_script
|
SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1701
|
2010-05-5 01:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275417
|
- |
|
rocky.nu
|
modelbook
|
SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter.
|
CWE-89
SQL Injection
|
CVE-2010-1705
|
2010-05-5 01:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275418
|
- |
|
piwigo
|
piwigo
|
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Piwigo 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) login and (2) mail_address pa…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1707
|
2010-05-5 01:00 |
2010-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275419
|
- |
|
cpanel
|
cpanel
|
Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4823
|
2010-05-4 14:49 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275420
|
- |
|
ffmpeg
|
ffmpeg
|
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bound…
|
CWE-189
Numeric Errors
|
CVE-2009-4631
|
2010-05-4 14:48 |
2010-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
