|
267141
|
- |
|
comtrend
|
ct-507it_adsl_router
|
Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inject arbitrary web script or HTML via the srvName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0470
|
2010-02-3 14:00 |
2010-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267142
|
- |
|
viewvc
|
viewvc
|
query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported authorizer for a root, which might allow remote attackers to bypass intended access r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0005
|
2010-02-2 14:00 |
2010-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267143
|
- |
|
zeus
|
zeus_web_server
|
Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for the admin server, allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0363
|
2010-02-2 14:00 |
2010-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267144
|
- |
|
zabbix
|
zabbix
|
SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted reque…
|
CWE-89
SQL Injection
|
CVE-2009-4499
|
2010-02-2 14:00 |
2010-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267145
|
- |
|
mozilla
|
seamonkey
thunderbird
|
Mozilla Necko, as used in Thunderbird 3.0.1, SeaMonkey, and other applications, performs DNS prefetching even when the app type is APP_TYPE_MAIL or APP_TYPE_EDITOR, which makes it easier for remote a…
|
CWE-200
Information Exposure
|
CVE-2009-4629
|
2010-02-2 14:00 |
2010-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267146
|
- |
|
cisco
|
unified_meetingplace
|
Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.3, and possibly 5 allow remote attackers to create (1) user or (2) a…
|
NVD-CWE-noinfo
|
CVE-2010-0140
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267147
|
- |
|
cisco
|
unified_meetingplace
|
Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
Affected Products
Vulnerable Products
Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec…
|
NVD-CWE-noinfo
|
CVE-2010-0140
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267148
|
- |
|
cisco
|
unified_meetingplace
|
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated users to gain privileges via a modified authentication sequence, aka Bug ID CSCsv66530.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0142
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267149
|
- |
|
cisco
|
unified_meetingplace
|
Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1490b.shtml
Affected Products
Vulnerable Products
Cisco Unified MeetingPlace versions 5, 6, and 7 are each affec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0142
|
2010-01-31 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267150
|
- |
|
sun
|
java_system_application_server
|
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credential…
|
CWE-16
Configuration
|
CVE-2010-0386
|
2010-01-31 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
