266861
|
- |
|
php
|
php
|
mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to (1) read sensitive memory via a modified length value, which is not properly handled by the php_mys…
|
CWE-200
Information Exposure
|
CVE-2010-3062
|
2010-12-7 15:50 |
2010-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266862
|
- |
|
php
|
php
|
The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does not properly calculate a buffer length, which allows context-dependent attackers to trigger a heap…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3063
|
2010-12-7 15:50 |
2010-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266863
|
- |
|
php
|
php
|
Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (crash) and possib…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3064
|
2010-12-7 15:50 |
2010-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266864
|
- |
|
php
|
php
|
Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 before 5.3.2 allows context-dependent attackers to cause a denial of service (crash) via a stream c…
|
CWE-399
Resource Management Errors
|
CVE-2010-2093
|
2010-12-7 15:48 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266865
|
- |
|
mono-project
|
libgdiplus
|
Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2…
|
CWE-189
Numeric Errors
|
CVE-2010-1526
|
2010-12-7 15:47 |
2010-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266866
|
- |
|
pear
|
mail
|
Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted…
|
CWE-94
Code Injection
|
CVE-2009-4111
|
2010-12-7 15:43 |
2009-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266867
|
- |
|
awstats
|
awstats
|
awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows remote attackers to execute arbitrary commands via a crafted configuration file located at a UNC sh…
|
CWE-94
Code Injection
|
CVE-2010-4368
|
2010-12-3 14:00 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266868
|
- |
|
awstats
|
awstats
|
Open redirect vulnerability in awredir.pl in AWStats before 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2009-5020
|
2010-12-3 01:22 |
2010-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266869
|
- |
|
site2nite
|
big_truck_broker
|
SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attackers to execute arbitrary SQL commands via the txtSiteId parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4356
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266870
|
- |
|
boka
|
siteengine
|
SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arbitrary SQL commands via the module parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4357
|
2010-12-2 14:00 |
2010-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|