267201
|
- |
|
givesight
|
com_powermail
|
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact…
|
CWE-22
Path Traversal
|
CVE-2010-1532
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267202
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1541
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267203
|
- |
|
acme rca
|
micro_httpd digital_cable_modem
|
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80.
|
CWE-20
Improper Input Validation
|
CVE-2010-1544
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267204
|
- |
|
typo3
|
typo3
|
The jumpUrl mechanism in class.tslib_fe.php in TYPO3 3.3.x through 3.8.x, 4.0 before 4.0.12, 4.1 before 4.1.10, 4.2 before 4.2.6, and 4.3alpha1 leaks a hash secret (juHash) in an error message, which…
|
CWE-200
Information Exposure
|
CVE-2009-0815
|
2010-04-27 13:00 |
2009-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267205
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267206
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267207
|
- |
|
joachim_ruhs
|
flat_manager
|
SQL injection vulnerability in the Flat Manager (flatmgr) extension before 1.9.16 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4802
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267208
|
- |
|
phpmyfaq
|
phpmyfaq
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in phpMyFAQ before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via (1) the lang parameter in a sitemap action,…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4780
|
2010-04-24 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267209
|
- |
|
ijoomla
|
com_news_portal
|
Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramet…
|
CWE-22
Path Traversal
|
CVE-2010-1312
|
2010-04-22 14:42 |
2010-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267210
|
- |
|
vmware
|
movie_decoder workstation player server
|
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 24645…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-1564
|
2010-04-22 14:33 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|