|
265191
|
- |
|
ez
|
ez_publish
|
Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 through 4.2.0 allows remote attackers to inject arbitrary web script or HTML via the subTreeItem parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2671
|
2010-07-9 13:00 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265192
|
- |
|
ez
|
ez_publish
|
Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to execute arbitrary SQL commands via the (1) SectionID and (2) SearchTimestamp parameters to the searc…
|
CWE-89
SQL Injection
|
CVE-2010-2672
|
2010-07-9 13:00 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265193
|
- |
|
devana
|
devana
|
SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-2673
|
2010-07-9 13:00 |
2010-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265194
|
- |
|
mahara
|
mahara
|
Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication plugins associated with logins that use the single sign-on (SSO) functionality, …
|
CWE-287
Improper Authentication
|
CVE-2010-1670
|
2010-07-7 13:00 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265195
|
- |
|
htmlpurifier
mahara
|
htmlpurifier
mahara
|
Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2479
|
2010-07-7 13:00 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265196
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to ac…
|
NVD-CWE-Other
|
CVE-2009-4641
|
2010-07-7 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265197
|
- |
|
logahead
|
logahead_unu
|
Unrestricted file upload vulnerability in logahead UNU 1.0 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to plugins/widged/_widged.php (aka the Widg…
|
CWE-94
Code Injection
|
CVE-2006-6887
|
2010-07-7 13:00 |
2006-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265198
|
- |
|
citrix
|
xenserver
|
Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, allows guest users to cause a denial of service in the host via unspecified vectors that trigger "i…
|
NVD-CWE-Other
|
CVE-2010-2619
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265199
|
- |
|
open-ftpd
|
open-ftpd
|
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login s…
|
CWE-287
Improper Authentication
|
CVE-2010-2620
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265200
|
- |
|
hitachi
|
serverconductor_\/_deployment_manager
jp1\/_serverconductor_\/_deployment_manager
|
Unspecified vulnerability in the Client Service for DPM in Hitachi ServerConductor / Deployment Manager 01-00, 01-01, and 06-00 through 06-00-/A; ServerConductor / Deployment Manager Standard Edition…
|
NVD-CWE-noinfo
|
CVE-2010-2625
|
2010-07-6 13:00 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
