266211
|
- |
|
mitsu_hiro_hi_rose
|
attachecase
|
Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges via a Trojan horse executable file in the current working directory.
|
NVD-CWE-Other
|
CVE-2010-3923
|
2010-12-31 06:00 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266212
|
- |
|
mitsu_hiro_hi_rose
|
attachecase
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2010-3923
|
2010-12-31 06:00 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266213
|
- |
|
habariproject
|
habari
|
Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to (1) header.php and (2) comments_items.php in system/admin/, which reveals the installation path in an erro…
|
CWE-200
Information Exposure
|
CVE-2010-4608
|
2010-12-30 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266214
|
- |
|
hycus
|
hycus_cms
|
Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the site parameter to (1) index.php and (2) a…
|
CWE-22
Path Traversal
|
CVE-2010-4613
|
2010-12-30 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266215
|
- |
|
mhproducts
|
ero_auktion
|
SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2010-0723.
|
CWE-89
SQL Injection
|
CVE-2010-4614
|
2010-12-30 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266216
|
- |
|
algisinfo
|
aicontactsafe
|
Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4618
|
2010-12-30 14:00 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266217
|
- |
|
realnetworks
|
helix_mobile_server helix_server helix_server_mobile
|
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers …
|
CWE-189
Numeric Errors
|
CVE-2010-1319
|
2010-12-29 14:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266218
|
- |
|
innovationdp
|
fdr\/upstrean
|
INNOVATION Data Processing FDR/UPSTREAM 3.3.0 (GA Oct 2003) allows remote attackers to cause a denial of service (service outage) via a sequence of TCP SYN packets to many ports, as demonstrated usin…
|
NVD-CWE-Other
|
CVE-2006-6404
|
2010-12-29 14:00 |
2009-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266219
|
- |
|
sentex
|
jhead
|
jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
|
CWE-59 NVD-CWE-noinfo
Link Following
|
CVE-2008-4639
|
2010-12-28 14:00 |
2008-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266220
|
- |
|
mailscanner
|
mailscanner
|
mailscanner 4.55.10 and other versions before 4.74.16-1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files used by the (1) f-prot-autoupdate, (2) cla…
|
CWE-59
Link Following
|
CVE-2008-5312
|
2010-12-28 14:00 |
2008-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|