|
264851
|
- |
|
freebsd
|
freebsd
|
The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files during replay of a setattr transaction, uses 7777 permissions instead of the original permissions, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0318
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264852
|
- |
|
alex_kellner
|
powermail
|
SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors related to the "SQL selection fiel…
|
CWE-89
SQL Injection
|
CVE-2010-0329
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264853
|
- |
|
stefan_tannhaeuser
|
tv21_talkshow
|
Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0331
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264854
|
- |
|
stefan_tannhaeuser
|
tv21_talkshow
|
SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2010-0332
|
2011-08-8 13:00 |
2010-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264855
|
- |
|
cisco
|
ace_4710
ace_module
|
Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, a…
|
NVD-CWE-noinfo
|
CVE-2010-2822
|
2011-08-8 13:00 |
2010-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264856
|
- |
|
mortbay
|
jetty
|
The Dump Servlet in Mort Bay Jetty 6.x and 7.0.0 allows remote attackers to obtain sensitive information about internal variables and other data via a request to a URI ending in /dump/, as demonstrat…
|
CWE-200
Information Exposure
|
CVE-2009-4609
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264857
|
- |
|
mortbay
|
jetty
|
Multiple cross-site scripting (XSS) vulnerabilities in Mort Bay Jetty 6.x and 7.0.0 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to jsp/dump.jsp in the JSP D…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4610
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264858
|
- |
|
mortbay
|
jetty
|
Multiple cross-site scripting (XSS) vulnerabilities in the WebApp JSP Snoop page in Mort Bay Jetty 6.1.x through 6.1.21 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4612
|
2011-08-8 13:00 |
2010-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264859
|
- |
|
netartmedia
|
real_estate_portal
|
SQL injection vulnerability in realestate20/loginaction.php in NetArt Media Real Estate Portal 2.0 allows remote attackers to execute arbitrary SQL commands via the Password parameter. NOTE: the pro…
|
CWE-89
SQL Injection
|
CVE-2009-4613
|
2011-08-8 13:00 |
2010-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
264860
|
- |
|
scponly
|
scponly
|
scponly 4.6 and earlier allows remote authenticated users to bypass intended restrictions and execute code by invoking dangerous subcommands including (1) unison, (2) rsync, (3) svn, and (4) svnserve…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2007-6350
|
2011-08-8 13:00 |
2007-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
