|
265121
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-019 and 4.0.2.x before 4.0.2.7-P8AE-FP007, in certain FileTracker configurations, does not apply a secu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4998
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265122
|
- |
|
ibm
|
filenet_p8_application_engine
|
Cross-site scripting (XSS) vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-016 allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4999
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265123
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.3-P8AE-FP003 allow remote attackers to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2009-5000
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265124
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.2-P8AE-FP002 grants a document's Creator-Owner full control over an annotation object, even if the de…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5001
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265125
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.1-P8AE-FP001 does not record Get Content Failure Audit events, which might allow remote attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-5002
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265126
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-010 records DEBUG messages containing user credentials in the log4j.xml file, which might allow local u…
|
CWE-255
Credentials Management
|
CVE-2008-7261
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265127
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Image Viewer component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-002 removes a user from an ACL when the user is denied all permissions for an annotation, which might allow r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7241
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265128
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-001 does not ensure that the AE Administrator role is present for Site Preferences modifications, which…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7242
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265129
|
- |
|
arg0
|
encfs
|
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations…
|
CWE-310
Cryptographic Issues
|
CVE-2010-3075
|
2010-09-20 13:00 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265130
|
- |
|
mollify
|
mollify
|
Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.6.5.5, and possibly other versions allows remote attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3462
|
2010-09-20 13:00 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
