|
267791
|
- |
|
cnr.somee
|
hikaye_portal
|
CNR Hikaye Portal 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/hikaye.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4765
|
2010-04-14 13:00 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267792
|
- |
|
jooforge
|
com_jukebox
|
Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller paramete…
|
CWE-22
Path Traversal
|
CVE-2010-1352
|
2010-04-14 06:31 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267793
|
- |
|
cisco
|
ios
|
The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling De…
|
NVD-CWE-Other
|
CVE-2010-0579
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267794
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message P…
|
NVD-CWE-noinfo
|
CVE-2010-0580
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267795
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Pa…
|
NVD-CWE-noinfo
|
CVE-2010-0581
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267796
|
- |
|
cisco
|
ios
|
Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962.
|
NVD-CWE-noinfo
|
CVE-2010-0582
|
2010-04-13 14:43 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267797
|
- |
|
freedesktop
|
udisks
|
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by…
|
CWE-200
Information Exposure
|
CVE-2010-1149
|
2010-04-13 13:00 |
2010-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267798
|
- |
|
pulsecms
|
pulse_cms
|
Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extensi…
|
NVD-CWE-Other
|
CVE-2010-1334
|
2010-04-12 13:00 |
2010-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267799
|
- |
|
pulsecms
|
pulse_cms
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2010-1334
|
2010-04-12 13:00 |
2010-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267800
|
- |
|
robertotto
|
teamsite_hack_plugin
|
Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the u…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1339
|
2010-04-12 13:00 |
2010-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
