|
267221
|
- |
|
simone_rota
|
slim_simple_login_manager
|
The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default_path option, which might allow local users to gain privileges via a Trojan horse program in the cu…
|
CWE-16
Configuration
|
CVE-2010-2945
|
2010-08-31 13:00 |
2010-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267222
|
- |
|
adobe
|
extension_manager_cs5
|
Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan …
|
NVD-CWE-Other
|
CVE-2010-3154
|
2010-08-30 23:54 |
2010-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267223
|
- |
|
wyse
|
thinos_hf
|
Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3031
|
2010-08-30 13:00 |
2010-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267224
|
- |
|
viewvc
|
viewvc
|
lib/viewvc.py in ViewVC 1.0.5 uses the content-type parameter in the HTTP request for the Content-Type header in the HTTP response, which allows remote attackers to cause content to be misinterpreted…
|
NVD-CWE-noinfo
|
CVE-2008-4325
|
2010-08-30 13:00 |
2008-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267225
|
- |
|
blackboard
|
blackboard_learning_and_community_post_systems
|
Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2007-5227
|
2010-08-30 13:00 |
2007-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267226
|
- |
|
uninet
|
statsplus
|
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to s…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2330
|
2010-08-30 13:00 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267227
|
- |
|
wolterskluwer
|
teammate_audit_management_software_suite
|
Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking atta…
|
NVD-CWE-Other
|
CVE-2010-3125
|
2010-08-27 03:36 |
2010-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267228
|
- |
|
wolterskluwer
|
teammate_audit_management_software_suite
|
Per: http://cwe.mitre.org/data/definitions/426.html
'CWE-426: Untrusted Search Path'
|
NVD-CWE-Other
|
CVE-2010-3125
|
2010-08-27 03:36 |
2010-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267229
|
- |
|
apple
|
cfnetwork
mac_os_x
mac_os_x_server
|
CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allows man-in-the-middle attackers to redirect a connection and obtain sensitive information via crafte…
|
CWE-200
Information Exposure
|
CVE-2010-1800
|
2010-08-26 13:00 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267230
|
- |
|
apple
|
libsecurity
mac_os_x
mac_os_x_server
|
libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a…
|
CWE-287
Improper Authentication
|
CVE-2010-1802
|
2010-08-26 13:00 |
2010-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
