|
265711
|
- |
|
ibm
|
lotus_domino
|
The Remote Console in IBM Lotus Domino, when a certain unsupported configuration involving UNC share pathnames is used, allows remote attackers to bypass authentication and execute arbitrary code via…
|
CWE-287
Improper Authentication
|
CVE-2011-0920
|
2011-02-14 14:00 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265712
|
- |
|
zikula
|
zikula_application_framework
|
Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes it easier for remote attackers to defeat protection mechanisms based on randomization by predicting…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4728
|
2011-02-14 14:00 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265713
|
- |
|
zikula
|
zikula_application_framework
|
Zikula before 1.2.3 does not use the authid protection mechanism for (1) the lostpassword form and (2) mailpasswd processing, which makes it easier for remote attackers to generate a flood of passwor…
|
CWE-352
Origin Validation Error
|
CVE-2010-4729
|
2011-02-14 14:00 |
2011-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265714
|
- |
|
mediawiki
|
mediawiki
|
Multiple directory traversal vulnerabilities in (1) languages/Language.php and (2) includes/StubObject.php in MediaWiki 1.8.0 and other versions before 1.16.2, when running on Windows and possibly No…
|
CWE-22
Path Traversal
|
CVE-2011-0537
|
2011-02-12 15:46 |
2011-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265715
|
- |
|
dovecot
|
dovecot
|
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3706
|
2011-02-12 15:44 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265716
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass inten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3779
|
2011-02-12 15:44 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265717
|
- |
|
dovecot
|
dovecot
|
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended wea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3304
|
2011-02-12 15:43 |
2010-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265718
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4207
|
2011-02-5 16:00 |
2010-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265719
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4208
|
2011-02-5 16:00 |
2010-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265720
|
- |
|
yahoo
|
yui
|
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4209
|
2011-02-5 16:00 |
2010-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
