|
264231
|
- |
|
manageengine
|
servicedesk_plus
|
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-2755
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264232
|
- |
|
manageengine
|
servicedesk_plus
|
FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 does not require authentication, which allows remote attackers to read files from a specific directory via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2011-2756
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264233
|
- |
|
manageengine
|
servicedesk_plus
|
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME paramete…
|
CWE-22
Path Traversal
|
CVE-2011-2757
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264234
|
- |
|
ibm
|
tivoli_directory_server
|
IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not require authentication for access to LDAP Server log files, which allows remo…
|
CWE-287
Improper Authentication
|
CVE-2011-2758
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264235
|
- |
|
mediawiki
|
mediawiki
|
PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vect…
|
CWE-94
Code Injection
|
CVE-2010-2789
|
2011-07-19 13:00 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264236
|
- |
|
orbeon
|
forms
|
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3260
|
2011-07-19 13:00 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264237
|
- |
|
joomla
|
joomla\!
|
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_cont…
|
CWE-89
SQL Injection
|
CVE-2010-4696
|
2011-07-19 13:00 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264238
|
- |
|
eclipse
|
eclipse_ide
|
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7271
|
2011-07-19 13:00 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264239
|
- |
|
ubuntu
|
language-selector
|
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/defa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0729
|
2011-07-14 13:00 |
2011-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264240
|
- |
|
microsoft
|
silverlight
|
Memory leak in Microsoft Silverlight 4 before 4.0.60310.0 allows remote attackers to cause a denial of service (memory consumption) via an application involving a popup control and a custom Dependenc…
|
CWE-399
Resource Management Errors
|
CVE-2011-1844
|
2011-07-14 13:00 |
2011-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
