266541
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global C…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3882
|
2010-10-12 02:42 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266542
|
- |
|
jianping_yu
|
pidgin-knotify
|
The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin allows remote attackers to execute arbitrary commands via shell metacharacters in a message.
|
CWE-94
Code Injection
|
CVE-2010-3088
|
2010-10-12 02:30 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266543
|
- |
|
cmsmadesimple
|
cms_made_simple
|
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the defau…
|
CWE-22
Path Traversal
|
CVE-2010-2797
|
2010-10-12 02:14 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266544
|
- |
|
microsoft
|
windows
|
Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privileges via unknown vectors, as exploited in the wild in July 2010 by the Stuxnet worm, and identified…
|
NVD-CWE-noinfo
|
CVE-2010-3888
|
2010-10-11 13:00 |
2010-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266545
|
- |
|
freeradius
|
freeradius
|
The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain circumstances involving long-term database outages, does not properly handle long queue times for requ…
|
CWE-399
Resource Management Errors
|
CVE-2010-3697
|
2010-10-8 13:00 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266546
|
- |
|
ibm
|
db2
|
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact an…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4331
|
2010-10-7 14:44 |
2009-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266547
|
- |
|
ibm
|
db2
|
IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which ha…
|
NVD-CWE-noinfo
|
CVE-2009-3471
|
2010-10-7 14:42 |
2009-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266548
|
- |
|
norenz
|
ad-edit2
|
Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 before 3.0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2367
|
2010-10-7 13:00 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266549
|
- |
|
ibm
|
tivoli_storage_manager_fastback
|
Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka Z…
|
CWE-94
Code Injection
|
CVE-2010-3761
|
2010-10-7 03:14 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266550
|
- |
|
ibm
|
tivoli_storage_manager_fastback
|
FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, …
|
CWE-399
Resource Management Errors
|
CVE-2010-3760
|
2010-10-7 03:11 |
2010-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|