|
271481
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0816
|
2010-04-27 14:49 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271482
|
- |
|
reyero
|
i18n
|
Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1530
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271483
|
- |
|
givesight
|
com_powermail
|
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact…
|
CWE-22
Path Traversal
|
CVE-2010-1532
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271484
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1541
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271485
|
- |
|
acme
rca
|
micro_httpd
digital_cable_modem
|
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80.
|
CWE-20
Improper Input Validation
|
CVE-2010-1544
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271486
|
- |
|
typo3
|
typo3
|
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which…
|
CWE-200
Information Exposure
|
CVE-2009-0815
|
2010-04-27 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271487
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271488
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271489
|
- |
|
joachim_ruhs
|
flat_manager
|
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4802
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271490
|
- |
|
phpmyfaq
|
phpmyfaq
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action,…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4780
|
2010-04-24 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
