266611
|
- |
|
accoria
|
rock_web_server
|
Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-2268
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266612
|
- |
|
accoria
|
rock_web_server
|
Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Passwo…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-2271
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266613
|
- |
|
dojotoolkit
|
dojo
|
Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-2272
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266614
|
- |
|
dojotoolkit
|
dojo
|
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2273
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266615
|
- |
|
ibm
|
lotus_connections
|
The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to ob…
|
NVD-CWE-Other
|
CVE-2010-2278
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266616
|
- |
|
ibm
|
lotus_connections
|
The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote atta…
|
NVD-CWE-Other
|
CVE-2010-2279
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266617
|
- |
|
tomatocms
|
tomatocms
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) bannerid parameter in conj…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2281
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266618
|
- |
|
punbb
|
punbb
|
Multiple cross-site scripting (XSS) vulnerabilities in profile.php in PunBB before 1.3.4 allow remote attackers to inject arbitrary web script or HTML via the (1) password or (2) e-mail.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4894
|
2010-06-15 23:04 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266619
|
- |
|
realitymedias
|
repairshop2
|
SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a product…
|
CWE-89
SQL Injection
|
CVE-2010-1857
|
2010-06-14 04:18 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266620
|
- |
|
xinha s9y
|
wysiwyg_editor serendipity
|
The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1916
|
2010-06-14 04:18 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|