|
259701
|
- |
|
1024cms
|
1024_cms
|
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.
|
CWE-89
SQL Injection
|
CVE-2010-1093
|
2010-12-14 23:34 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259702
|
- |
|
jan_schutze
|
truc
|
Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1095
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259703
|
- |
|
dedecms
|
dedecms
|
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[d…
|
CWE-287
Improper Authentication
|
CVE-2010-1097
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259704
|
- |
|
debian
|
mono-debugger
|
The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1, place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privi…
|
NVD-CWE-Other
|
CVE-2010-3369
|
2010-12-14 14:00 |
2010-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259705
|
- |
|
fenrir-inc
|
sleipnir
|
Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3918
|
2010-12-13 14:00 |
2010-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259706
|
- |
|
fenrir
|
grani
|
Fenrir Grani 4.5 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3919
|
2010-12-13 14:00 |
2010-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259707
|
- |
|
apple
|
mac_os_x
quicktime
mac_os_x_server
|
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during processing of JP2 image data, which allows remote attackers to execute arbitrary code or cause a denial…
|
CWE-20
Improper Input Validation
|
CVE-2010-3788
|
2010-12-11 15:47 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259708
|
- |
|
apple
|
mac_os_x
quicktime
mac_os_x_server
|
QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted AVI file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3789
|
2010-12-11 15:47 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259709
|
- |
|
apple
|
quicktime
mac_os_x
mac_os_x_server
|
Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3791
|
2010-12-11 15:47 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259710
|
- |
|
apple
|
quicktime
mac_os_x
mac_os_x_server
|
Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movi…
|
CWE-189
Numeric Errors
|
CVE-2010-3792
|
2010-12-11 15:47 |
2010-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
