|
266061
|
- |
|
monkeysphere_project
|
monkeysphere
|
share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code via unknown manipulations related to the "monkeysphere-authentication keys-for-user" command.
|
CWE-94
Code Injection
|
CVE-2010-4096
|
2011-01-4 15:45 |
2010-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266062
|
- |
|
mybboard
|
mybb
|
inc/functions_time.php in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, allows remote attackers to cause a denial of service (CPU consumption) via a crafted request with a large y…
|
CWE-399
Resource Management Errors
|
CVE-2009-4448
|
2011-01-4 15:37 |
2009-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266063
|
- |
|
mantisbt
|
mantisbt
|
Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users to inject arbitrary web script or HTML via an HTML document with a .gif filename extension, related…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2802
|
2011-01-4 14:00 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266064
|
- |
|
dojofoundation
ibm
|
dojo_toolkit
rational_clearquest
|
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to …
|
CWE-200
Information Exposure
|
CVE-2010-4600
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266065
|
- |
|
ibm
|
rational_clearquest
|
Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 allow attackers to have an unknown impact via vectors related…
|
NVD-CWE-noinfo
|
CVE-2010-4601
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266066
|
- |
|
habariproject
|
habari
|
Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the (1) additem_form parameter…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4607
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266067
|
- |
|
html-edit
|
html-edit_cms
|
SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute arbitrary SQL commands via the nuser parameter in a registrate action.
|
CWE-89
SQL Injection
|
CVE-2010-4609
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266068
|
- |
|
html-edit
|
html-edit_cms
|
Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to inject arbitrary web script or HTML via the error parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4610
|
2011-01-4 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266069
|
- |
|
henning_makholm
|
xcftools
|
Stack-based buffer overflow in the flattenIncrementally function in flatten.c in xcftools 1.0.4, as reachable from the (1) xcf2pnm and (2) xcf2png utilities, allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-2175
|
2011-01-4 14:00 |
2009-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266070
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Java for Mac OS X 10.5 before Update 6 and 10.6 before Update 1 accepts expired certificates for applets, which makes it easier for remote attackers to execute arbitrary code via an applet.
|
CWE-310
Cryptographic Issues
|
CVE-2009-2843
|
2011-01-4 14:00 |
2009-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
