|
271281
|
- |
|
sentex
|
jhead
|
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
CWE-59
NVD-CWE-noinfo
Link Following
|
CVE-2008-4639
|
2010-12-28 14:00 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271282
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) cla…
|
CWE-59
Link Following
|
CVE-2008-5312
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271283
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clam…
|
CWE-59
Link Following
|
CVE-2008-5313
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271284
|
- |
|
clixint
|
image_hosting_script_dpi
|
Cross-site scripting (XSS) vulnerability in images.php in Image Hosting Script DPI 1.1 Final (1.1F) allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: some …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4252
|
2010-12-22 14:00 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271285
|
- |
|
gianluca_baldo
|
phpauction
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to (1) index.php or (2) admin/index.php, or (…
|
CWE-79
Cross-site Scripting
|
CVE-2005-2254
|
2010-12-21 14:00 |
2005-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271286
|
- |
|
bsdi
freebsd
openbsd
|
bsd_os
freebsd
openbsd
|
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
|
CWE-20
Improper Input Validation
|
CVE-1999-0001
|
2010-12-16 14:00 |
1999-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271287
|
- |
|
1024cms
|
1024_cms
|
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.
|
CWE-89
SQL Injection
|
CVE-2010-1093
|
2010-12-14 23:34 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271288
|
- |
|
jan_schutze
|
truc
|
Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1095
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271289
|
- |
|
dedecms
|
dedecms
|
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[d…
|
CWE-287
Improper Authentication
|
CVE-2010-1097
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271290
|
- |
|
php
|
php
|
The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpr…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1128
|
2010-12-10 15:39 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
