|
260271
|
- |
|
mahara
|
mahara
|
Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on (SSO) functionality, …
|
CWE-287
Improper Authentication
|
CVE-2010-1670
|
2010-07-7 13:00 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260272
|
- |
|
htmlpurifier
mahara
|
htmlpurifier
mahara
|
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2479
|
2010-07-7 13:00 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260273
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to ac…
|
NVD-CWE-Other
|
CVE-2009-4641
|
2010-07-7 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260274
|
- |
|
logahead
|
logahead_unu
|
Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the Widg…
|
CWE-94
Code Injection
|
CVE-2006-6887
|
2010-07-7 13:00 |
2006-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260275
|
- |
|
citrix
|
xenserver
|
Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "i…
|
NVD-CWE-Other
|
CVE-2010-2619
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260276
|
- |
|
open-ftpd
|
open-ftpd
|
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login s…
|
CWE-287
Improper Authentication
|
CVE-2010-2620
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260277
|
- |
|
hitachi
|
serverconductor_\/_deployment_manager
jp1\/_serverconductor_\/_deployment_manager
|
Unspecified vulnerability in the Client Service for DPM in Hitachi ServerConductor / Deployment Manager 01-00, 01-01, and 06-00 through 06-00-/A; ServerConductor / Deployment Manager Standard Edition…
|
NVD-CWE-noinfo
|
CVE-2010-2625
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260278
|
- |
|
ea
|
battlefield_2
battlefield_2142
|
Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) and earlier, and Battlefield 2142 (1.10.48.0) and earlier, allow remote servers …
|
CWE-22
Path Traversal
|
CVE-2010-2627
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260279
|
- |
|
dan_pascu
|
python-cjson
|
Dan Pascu python-cjson 1.0.5 does not properly handle a ['/'] argument to cjson.encode, which makes it easier for remote attackers to conduct certain cross-site scripting (XSS) attacks involving Fire…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4924
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260280
|
- |
|
cerberusftp
|
ftp_server
|
Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2004-2769
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
