|
264891
|
- |
|
drupal
|
drupal
|
The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3092
|
2010-09-22 13:00 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264892
|
- |
|
drupal
|
drupal
|
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3093
|
2010-09-22 13:00 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264893
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action descrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3094
|
2010-09-22 13:00 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264894
|
- |
|
opera
|
opera_browser
|
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers…
|
CWE-200
Information Exposure
|
CVE-2010-0653
|
2010-09-21 14:46 |
2010-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264895
|
- |
|
fujitsu
|
e-pares
|
Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attackers to hijack web sessions via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2010-2149
|
2010-09-21 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264896
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3470
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264897
|
- |
|
ibm
|
filenet_p8_application_engine
|
Session fixation vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.7-P8AE-FP007 allows remote attackers to hijack web sessions via uns…
|
CWE-287
Improper Authentication
|
CVE-2010-3471
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264898
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3472
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264899
|
- |
|
ibm
|
filenet_p8_application_engine
|
Open redirect vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allows remote attackers to redirect users to arbitrary web sites and…
|
CWE-20
Improper Input Validation
|
CVE-2010-3473
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264900
|
- |
|
ibm
|
filenet_p8_application_engine
|
The Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-019 and 4.0.2.x before 4.0.2.7-P8AE-FP007, in certain FileTracker configurations, does not apply a secu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4998
|
2010-09-21 13:00 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
