|
259631
|
- |
|
joomlatune
|
com_proofreader
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4157
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259632
|
- |
|
roytanck
|
wp-cumulus
|
Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4169
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259633
|
- |
|
hp
|
decnet_plus_for_openvms
|
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5417
|
2011-01-5 14:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259634
|
- |
|
hp
|
storage_essentials
|
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2010-4029
|
2011-01-4 15:45 |
2010-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259635
|
- |
|
monkeysphere_project
|
monkeysphere
|
share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code via unknown manipulations related to the "monkeysphere-authentication keys-for-user" command.
|
CWE-94
Code Injection
|
CVE-2010-4096
|
2011-01-4 15:45 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259636
|
- |
|
mybboard
|
mybb
|
inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service (CPU consumption) via a crafted request with a large y…
|
CWE-399
Resource Management Errors
|
CVE-2009-4448
|
2011-01-4 15:37 |
2009-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259637
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2802
|
2011-01-4 14:00 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259638
|
- |
|
dojofoundation
ibm
|
dojo_toolkit
rational_clearquest
|
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to …
|
CWE-200
Information Exposure
|
CVE-2010-4600
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259639
|
- |
|
ibm
|
rational_clearquest
|
Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related…
|
NVD-CWE-noinfo
|
CVE-2010-4601
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259640
|
- |
|
habariproject
|
habari
|
Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) additem_form parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4607
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
