|
267621
|
- |
|
info-zip
|
unzip
|
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
|
NVD-CWE-Other
|
CVE-2001-1268
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267622
|
- |
|
info-zip
|
unzip
|
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
|
NVD-CWE-Other
|
CVE-2001-1269
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267623
|
- |
|
xfree86_project
|
xfree86_x_server
|
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
|
NVD-CWE-Other
|
CVE-2001-1409
|
2010-05-25 13:10 |
2003-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267624
|
- |
|
sebrac.webcindario
|
migascms
|
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo act…
|
CWE-89
SQL Injection
|
CVE-2010-2012
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267625
|
- |
|
createch-group
|
lisk_cms
|
Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2014
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267626
|
- |
|
createch-group
|
lisk_cms
|
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id par…
|
CWE-89
SQL Injection
|
CVE-2010-2015
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267627
|
- |
|
bukulokomedia
|
lokomedia_cms
|
Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2017
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267628
|
- |
|
bukulokomedia
|
lokomedia_cms
|
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the prov…
|
CWE-89
SQL Injection
|
CVE-2010-2019
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267629
|
- |
|
apple
|
java
|
Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 do not properly handle mediaLibImage objects, which allows remote attackers to execute arbitrary code or cause …
|
CWE-399
Resource Management Errors
|
CVE-2010-0538
|
2010-05-24 13:00 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267630
|
- |
|
apple
|
java_1.5
java_1.6
|
Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary c…
|
CWE-189
Numeric Errors
|
CVE-2010-0539
|
2010-05-24 13:00 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
