|
267041
|
- |
|
accscripts
|
acc_statistics
|
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change (1) passwo…
|
CWE-352
Origin Validation Error
|
CVE-2009-4905
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267042
|
- |
|
accscripts
|
acc_php_email
|
Cross-site request forgery (CSRF) vulnerability in index.php in Acc PHP eMail 1.1 allows remote attackers to hijack the authentication of administrators for requests that change passwords.
|
CWE-352
Origin Validation Error
|
CVE-2009-4906
|
2010-06-28 13:00 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267043
|
- |
|
sun
|
opensolaris
solaris
|
Unspecified vulnerability in the IPv6 networking stack in Sun Solaris 10, and OpenSolaris snv_01 through snv_82 and snv_111 through snv_122, when a Cassini GigaSwift Ethernet Adapter (aka CE) interfa…
|
NVD-CWE-noinfo
|
CVE-2009-3164
|
2010-06-25 14:32 |
2009-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267044
|
- |
|
tim_lochmueller
|
mydashboard
|
Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1011
|
2010-06-25 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267045
|
- |
|
fr.simon_rundell
|
pd_diocesedatabase
|
SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension before 0.7.13 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vect…
|
CWE-89
SQL Injection
|
CVE-2010-1013
|
2010-06-25 13:00 |
2010-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267046
|
- |
|
redhat
|
enterprise_virtualization_hypervisor
|
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2223
|
2010-06-25 13:00 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267047
|
- |
|
upredsun
|
subtitle_translation_wizard
|
Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted remote attackers to execute arbitrary code via a crafted SRT file with a long line after a time ra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2440
|
2010-06-25 13:00 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267048
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain sensitive information by reading the default_create.log file that is associated with profile creatio…
|
CWE-200
Information Exposure
|
CVE-2010-2323
|
2010-06-25 06:05 |
2010-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267049
|
- |
|
malcom_box
|
lxr_cross_referencer
|
Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.7 allows remote attackers to inject arbitrary web script or HTML via vectors related to the search body and the results pag…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1625
|
2010-06-24 21:30 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267050
|
- |
|
plone
|
plone
|
Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfix 20100612 allows remote attackers to inject arbitrary web script or HTML via the safe_html transfo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2422
|
2010-06-24 21:17 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
