264231
|
- |
|
mediawiki
|
mediawiki
|
api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, which allows remote attackers to bypass intended access restrictions and obtain sensitive informati…
|
CWE-200
Information Exposure
|
CVE-2010-2787
|
2011-09-7 12:10 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264232
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnableProfileInfo is enabled, allows remote attackers to inject arbitrary web script or HTML via the fil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2788
|
2011-09-7 12:10 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264233
|
- |
|
sixapart
|
movable_type
|
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAut…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5845
|
2011-09-7 11:53 |
2009-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264234
|
- |
|
web-app.org
|
webapp
|
Multiple unspecified vulnerabilities in WebAPP before 0.9.9.6 have unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2007-1259
|
2011-09-1 13:00 |
2007-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264235
|
- |
|
wordpress
|
wordpress
|
Multiple unspecified vulnerabilities in WordPress before 2.0.4 have unknown impact and remote attack vectors. NOTE: due to lack of details, it is not clear how these issues are different from CVE-20…
|
NVD-CWE-noinfo
|
CVE-2006-4028
|
2011-09-1 13:00 |
2006-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264236
|
- |
|
aimluck
|
aipo aipo-asp
|
Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2011-1341
|
2011-08-29 13:00 |
2011-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264237
|
- |
|
sun
|
java_system_web_server
|
Oracle iPlanet Web Server (formerly Sun Java System Web Server or Sun ONE Web Server) 6.1 before SP12, and 7.0 through Update 6, when running on Windows, allows remote attackers to read arbitrary JSP…
|
CWE-200
Information Exposure
|
CVE-2009-2445
|
2011-08-29 13:00 |
2009-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264238
|
- |
|
mojolicious
|
mojolicious
|
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4802
|
2011-08-27 12:46 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264239
|
- |
|
mojolicious
|
mojolicious
|
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4803
|
2011-08-27 12:46 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264240
|
- |
|
alexej_kryukov
|
fontforge
|
Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a B…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-4259
|
2011-08-27 12:45 |
2010-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|