260921
|
- |
|
arco_van_geest
|
goof_fotoboek
|
Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0323
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260922
|
- |
|
patrick_bauerochse
|
ref_list
|
SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0324
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260923
|
- |
|
sebastian_baumann
|
sb_folderdownload
|
Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier for TYPO3 allows remote attackers to obtain sensitive information via unknown attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0325
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260924
|
- |
|
francois_suter rene_fritz
|
devlog
|
Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0326
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260925
|
- |
|
rastislav_birka
|
cs2_unitconv
|
Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0328
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260926
|
- |
|
julian_fries
|
jf_easymaps
|
SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0330
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260927
|
- |
|
typo3
|
majordomo
|
Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0345
|
2010-01-18 14:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260928
|
- |
|
sambar
|
sambar_server
|
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter.
|
NVD-CWE-Other
|
CVE-2000-0835
|
2010-01-16 14:00 |
2000-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260929
|
- |
|
webtrends
|
reporting_center
|
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an…
|
CWE-200
Information Exposure
|
CVE-2002-0596
|
2010-01-16 14:00 |
2002-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260930
|
- |
|
fedoraproject
|
sssd
|
System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but the KDC is unreachable, allows physically proximate attackers to authenticate, via an arbitrary pass…
|
CWE-287
Improper Authentication
|
CVE-2010-0014
|
2010-01-15 14:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|