267171
|
- |
|
wolfram
|
webmathematica
|
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2009-4812
|
2010-04-28 00:30 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267172
|
- |
|
mybboard
|
mybb
|
Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4813
|
2010-04-28 00:30 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267173
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in the backend user interface in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 allow remote atta…
|
CWE-79
Cross-site Scripting
|
CVE-2009-0816
|
2010-04-27 14:49 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267174
|
- |
|
reyero
|
i18n
|
Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1530
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267175
|
- |
|
givesight
|
com_powermail
|
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact…
|
CWE-22
Path Traversal
|
CVE-2010-1532
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267176
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1541
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267177
|
- |
|
acme rca
|
micro_httpd digital_cable_modem
|
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80.
|
CWE-20
Improper Input Validation
|
CVE-2010-1544
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267178
|
- |
|
typo3
|
typo3
|
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which…
|
CWE-200
Information Exposure
|
CVE-2009-0815
|
2010-04-27 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267179
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267180
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|