271631
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clam…
|
CWE-59
Link Following
|
CVE-2008-5313
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271632
|
- |
|
clixint
|
image_hosting_script_dpi
|
Cross-site scripting (XSS) vulnerability in images.php in Image Hosting Script DPI 1.1 Final (1.1F) allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: some …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4252
|
2010-12-22 14:00 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271633
|
- |
|
gianluca_baldo
|
phpauction
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to (1) index.php or (2) admin/index.php, or (…
|
CWE-79
Cross-site Scripting
|
CVE-2005-2254
|
2010-12-21 14:00 |
2005-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271634
|
- |
|
bsdi freebsd openbsd
|
bsd_os freebsd openbsd
|
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
|
CWE-20
Improper Input Validation
|
CVE-1999-0001
|
2010-12-16 14:00 |
1999-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271635
|
- |
|
1024cms
|
1024_cms
|
SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the id parameter in a vp action.
|
CWE-89
SQL Injection
|
CVE-2010-1093
|
2010-12-14 23:34 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271636
|
- |
|
jan_schutze
|
truc
|
Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements & Use Cases (TRUC) 0.11.0 and earlier allows remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1095
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271637
|
- |
|
dedecms
|
dedecms
|
include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote attackers to bypass authentication and gain administrative access via a value of 1 for the _SESSION[d…
|
CWE-287
Improper Authentication
|
CVE-2010-1097
|
2010-12-14 14:00 |
2010-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271638
|
- |
|
php
|
php
|
The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, which makes it easier for context-dependent attackers to guess values that were intended to be unpr…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1128
|
2010-12-10 15:39 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271639
|
- |
|
php
|
php
|
The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause …
|
NVD-CWE-Other
|
CVE-2010-0397
|
2010-12-10 15:37 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
271640
|
- |
|
php
|
php
|
Per: http://cwe.mitre.org/data/slices/2000.html
Improper Check for Unusual or Exceptional Conditions CWE-754
|
NVD-CWE-Other
|
CVE-2010-0397
|
2010-12-10 15:37 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|