|
264021
|
- |
|
ibm
|
web_content_manager
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the PageBuilder2 (aka Page Builder) theme in IBM WebSphere Portal 7.x before 7.0.0.1 CF006, as used in IBM Web Content Manager (WCM) and other products, al…
|
CWE-79
Cross-site Scripting
|
CVE-2011-2754
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264022
|
- |
|
manageengine
|
servicedesk_plus
|
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2011-2755
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264023
|
- |
|
manageengine
|
servicedesk_plus
|
FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0 before Build 8012 does not require authentication, which allows remote attackers to read files from a specific directory via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2011-2756
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264024
|
- |
|
manageengine
|
servicedesk_plus
|
Directory traversal vulnerability in FileDownload.jsp in ManageEngine ServiceDesk Plus 8.0.0.12 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the FILENAME paramete…
|
CWE-22
Path Traversal
|
CVE-2011-2757
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264025
|
- |
|
ibm
|
tivoli_directory_server
|
IDSWebApp in the Web Administration Tool in IBM Tivoli Directory Server (TDS) 6.2 before 6.2.0.3-TIV-ITDS-IF0004 does not require authentication for access to LDAP Server log files, which allows remo…
|
CWE-287
Improper Authentication
|
CVE-2011-2758
|
2011-07-19 13:00 |
2011-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264026
|
- |
|
mediawiki
|
mediawiki
|
PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via unspecified vect…
|
CWE-94
Code Injection
|
CVE-2010-2789
|
2011-07-19 13:00 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264027
|
- |
|
orbeon
|
forms
|
oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service in Orbeon Forms before 3.9 does not properly restrict DTDs in Ajax requests, which allows remote at…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3260
|
2011-07-19 13:00 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264028
|
- |
|
joomla
|
joomla\!
|
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_cont…
|
CWE-89
SQL Injection
|
CVE-2010-4696
|
2011-07-19 13:00 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264029
|
- |
|
eclipse
|
eclipse_ide
|
Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE, possibly 3.3.2, allow remote attackers to inject arbitrary web script or…
|
CWE-79
Cross-site Scripting
|
CVE-2008-7271
|
2011-07-19 13:00 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264030
|
- |
|
ubuntu
|
language-selector
|
dbus_backend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/defa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0729
|
2011-07-14 13:00 |
2011-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
