|
264951
|
- |
|
mono
|
mono
|
The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewStateMac property, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as dem…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1459
|
2010-09-9 14:41 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264952
|
- |
|
otrs
|
otrs
|
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System (OTRS) 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 …
|
CWE-89
SQL Injection
|
CVE-2010-0438
|
2010-09-9 14:39 |
2010-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264953
|
- |
|
adobe
|
extendedscript_toolkit_cs5
|
Untrusted search path vulnerability in Adobe ExtendScript Toolkit (ESTK) CS5 3.5.0.52 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks vi…
|
NVD-CWE-Other
|
CVE-2010-3155
|
2010-09-9 13:00 |
2010-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264954
|
- |
|
novell
|
identity_manager
|
The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.
|
CWE-255
Credentials Management
|
CVE-2010-3264
|
2010-09-9 13:00 |
2010-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264955
|
- |
|
blackboard
|
transact_suite
|
BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field names when determining whether it is appropriate to decrypt a connection.xml f…
|
CWE-200
Information Exposure
|
CVE-2010-3244
|
2010-09-9 02:43 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264956
|
- |
|
gnome
|
power_manager
|
gnome-power-manager 2.27.92 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4997
|
2010-09-9 02:08 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264957
|
- |
|
gnome
|
power_manager
|
gnome-power-manager 2.14.0 does not properly implement the lock_on_suspend and lock_on_hibernate settings for locking the screen when the suspend or hibernate button is pressed, which might make it e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-7240
|
2010-09-9 00:26 |
2010-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264958
|
- |
|
mozilla
|
bugzilla
|
Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2756
|
2010-09-8 14:48 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264959
|
- |
|
mozilla
|
bugzilla
|
The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 does not properly send impersonation notifications, which makes it easier for remot…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2757
|
2010-09-8 14:48 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264960
|
- |
|
mozilla
|
bugzilla
|
Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 generates different error messages depending on whether a product exists, which makes it easier for remo…
|
CWE-200
Information Exposure
|
CVE-2010-2758
|
2010-09-8 14:48 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
