|
260971
|
- |
|
ibm
|
lotus_domino_server
|
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 through 8.0, enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authen…
|
CWE-16
Configuration
|
CVE-2008-7253
|
2010-01-26 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260972
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02.
|
NVD-CWE-noinfo
|
CVE-2005-4884
|
2010-01-26 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260973
|
- |
|
jce-tech
|
php_calendars_script
|
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a …
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2010-0380
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260974
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a show_stats action…
|
CWE-89
SQL Injection
|
CVE-2010-0381
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260975
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action.…
|
CWE-89
SQL Injection
|
CVE-2010-0377
|
2010-01-23 03:30 |
2010-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260976
|
- |
|
zeus
|
zeus_web_server
|
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an inv…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0359
|
2010-01-21 14:00 |
2010-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260977
|
- |
|
julian_kleinhans
|
kj_imagelightbox2
|
Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecif…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0327
|
2010-01-19 00:31 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260978
|
- |
|
matthias_karr
|
mk_anydropdownmenu
|
SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extension 0.3.28 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspec…
|
CWE-89
SQL Injection
|
CVE-2010-0322
|
2010-01-18 23:02 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260979
|
- |
|
arco_van_geest
|
goof_fotoboek
|
Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0323
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260980
|
- |
|
patrick_bauerochse
|
ref_list
|
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0324
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
