267501
|
- |
|
ibm
|
lotus_connections
|
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via uns…
|
NVD-CWE-Other
|
CVE-2010-2280
|
2010-06-17 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267502
|
- |
|
tomatocms
|
tomatocms
|
Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password.
|
CWE-352
Origin Validation Error
|
CVE-2010-2282
|
2010-06-17 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267503
|
- |
|
evological
|
evocam
|
Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to execute arbitrary code via a long GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2309
|
2010-06-17 13:00 |
2010-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267504
|
- |
|
hauntmax
|
haunted_house_directory_listing_cms
|
SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remote attackers to execute arbitrary SQL commands via the state parameter in a listings action.
|
CWE-89
SQL Injection
|
CVE-2010-2312
|
2010-06-17 13:00 |
2010-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267505
|
- |
|
ibm
|
lotus_connections
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2277
|
2010-06-16 23:29 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267506
|
- |
|
dojotoolkit
|
dojo
|
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=tru…
|
CWE-16
Configuration
|
CVE-2010-2276
|
2010-06-16 23:03 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267507
|
- |
|
dojotoolkit
|
dojo
|
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2275
|
2010-06-16 22:54 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267508
|
- |
|
accoria
|
rock_web_server
|
Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-2268
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267509
|
- |
|
accoria
|
rock_web_server
|
Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Passwo…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-2271
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267510
|
- |
|
dojotoolkit
|
dojo
|
Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-2272
|
2010-06-16 13:00 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|