270391
|
- |
|
ron_jerome
|
bibliography
|
Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privil…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2000
|
2010-05-21 13:00 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270392
|
- |
|
ninjitsuweb
|
civiregister
|
Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2001
|
2010-05-21 13:00 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270393
|
- |
|
addison_berry jeff_warrington
|
wordfilter
|
Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2002
|
2010-05-21 13:00 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270394
|
- |
|
toutvirtual
|
virtualiq
|
Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) addNewDept, (2) deptId, or (3…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4842
|
2010-05-21 13:00 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270395
|
- |
|
sixapart
|
movable_type
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unkno…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1985
|
2010-05-21 04:47 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270396
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by add…
|
CWE-20
Improper Input Validation
|
CVE-2010-1189
|
2010-05-20 14:49 |
2010-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270397
|
- |
|
cisco
|
pgw_2200_softswitch
|
The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug I…
|
CWE-20
Improper Input Validation
|
CVE-2010-0603
|
2010-05-20 14:48 |
2010-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270398
|
- |
|
ffmpeg
|
ffmpeg
|
FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4637
|
2010-05-20 14:46 |
2010-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270399
|
- |
|
phpbb
|
phpbb
|
feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1627
|
2010-05-20 13:00 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270400
|
- |
|
phpbb
|
phpbb
|
Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement."
|
NVD-CWE-noinfo
|
CVE-2010-1630
|
2010-05-20 13:00 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|