| 266491 | - | apple | mac_os_x mac_os_x_server | Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AIM is used, allows remote attackers to create arbitrary files via directory traversal sequences in a… | CWE-22 Path Traversal | CVE-2010-1374 | 2010-06-18 01:30 | 2010-06-18 |
| 266492 | - | accoria | rock_web_server | Directory traversal vulnerability in loadstatic.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | CWE-22 Path Traversal | CVE-2010-2269 | 2010-06-17 13:00 | 2010-06-15 |
| 266493 | - | accoria | rock_web_server | Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. | CWE-310 Cryptographic Issues | CVE-2010-2270 | 2010-06-17 13:00 | 2010-06-15 |
| 266494 | - | dojotoolkit | dojo | Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbit… | NVD-CWE-Other | CVE-2010-2274 | 2010-06-17 13:00 | 2010-06-15 |
| 266495 | - | ibm | lotus_connections | Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via uns… | NVD-CWE-Other | CVE-2010-2280 | 2010-06-17 13:00 | 2010-06-15 |
| 266496 | - | tomatocms | tomatocms | Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. | CWE-352 Origin Validation Error | CVE-2010-2282 | 2010-06-17 13:00 | 2010-06-15 |
| 266497 | - | evological | evocam | Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request. | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2010-2309 | 2010-06-17 13:00 | 2010-06-17 |
| 266498 | - | hauntmax | haunted_house_directory_listing_cms | SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action. | CWE-89 SQL Injection | CVE-2010-2312 | 2010-06-17 13:00 | 2010-06-17 |
| 266499 | - | ibm | lotus_connections | Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in … | CWE-79 Cross-site Scripting | CVE-2010-2277 | 2010-06-16 23:29 | 2010-06-15 |
| 266500 | - | dojotoolkit | dojo | The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=tru… | CWE-16 Configuration | CVE-2010-2276 | 2010-06-16 23:03 | 2010-06-15 |