|
264821
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) cla…
|
CWE-59
Link Following
|
CVE-2008-5312
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264822
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.68.8 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) clam…
|
CWE-59
Link Following
|
CVE-2008-5313
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264823
|
- |
|
ibm
|
lotus_mobile_connect
|
Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4 allows remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4590
|
2010-12-28 03:55 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264824
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to ca…
|
CWE-399
Resource Management Errors
|
CVE-2010-4594
|
2010-12-28 03:54 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264825
|
- |
|
ibm
|
lotus_mobile_connect
|
The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blacklisting functionality for HTTP Access Services (HTTP-AS), which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4595
|
2010-12-28 03:53 |
2010-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264826
|
- |
|
earl_miles
|
views
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Views module 5.x before 5.x-1.8 and 6.x before 6.x-2.11 for Drupal allow remote attackers to hijack th…
|
CWE-352
Origin Validation Error
|
CVE-2010-4519
|
2010-12-27 14:00 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264827
|
- |
|
earl_miles
|
views
|
Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drupal allow remote attackers to inject arbitrary web script or HTML via (1) a URL or (2) an aggregator…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4520
|
2010-12-24 03:00 |
2010-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264828
|
- |
|
usaa
|
usaa
|
The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application da…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4212
|
2010-12-22 14:00 |
2010-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264829
|
- |
|
clixint
|
image_hosting_script_dpi
|
Cross-site scripting (XSS) vulnerability in images.php in Image Hosting Script DPI 1.1 Final (1.1F) allows remote attackers to inject arbitrary web script or HTML via the date parameter. NOTE: some …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4252
|
2010-12-22 14:00 |
2009-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264830
|
- |
|
gianluca_baldo
|
phpauction
|
Multiple cross-site scripting (XSS) vulnerabilities in PhpAuction 2.5 allow remote attackers to inject arbitrary web script or HTML via the lan parameter to (1) index.php or (2) admin/index.php, or (…
|
CWE-79
Cross-site Scripting
|
CVE-2005-2254
|
2010-12-21 14:00 |
2005-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
