260321
|
- |
|
jamroom
|
jamroom
|
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2463
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260322
|
- |
|
linearcorp
|
emerge_50 emerge_5000
|
The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the de…
|
CWE-255
Credentials Management
|
CVE-2010-2469
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260323
|
- |
|
accscripts
|
acc_statistics
|
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwo…
|
CWE-352
Origin Validation Error
|
CVE-2009-4905
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260324
|
- |
|
accscripts
|
acc_php_email
|
Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
|
CWE-352
Origin Validation Error
|
CVE-2009-4906
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260325
|
- |
|
sun
|
opensolaris solaris
|
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interfa…
|
NVD-CWE-noinfo
|
CVE-2009-3164
|
2010-06-25 14:32 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260326
|
- |
|
tim_lochmueller
|
mydashboard
|
Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1011
|
2010-06-25 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260327
|
- |
|
fr.simon_rundell
|
pd_diocesedatabase
|
SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vect…
|
CWE-89
SQL Injection
|
CVE-2010-1013
|
2010-06-25 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260328
|
- |
|
redhat
|
enterprise_virtualization_hypervisor
|
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2223
|
2010-06-25 13:00 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260329
|
- |
|
upredsun
|
subtitle_translation_wizard
|
Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted remote attackers to execute arbitrary code via a crafted SRT file with a long line after a time ra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2440
|
2010-06-25 13:00 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260330
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the default_create.log file that is associated with profile creatio…
|
CWE-200
Information Exposure
|
CVE-2010-2323
|
2010-06-25 06:05 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|