|
257381
|
- |
|
subexworld
|
nikira_fraud_management_system
|
Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows remote attackers to inject arbitrary web script or HTML via the message parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0706
|
2017-08-17 10:32 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257382
|
- |
|
timeclock-software
|
employee_timeclock_software
|
Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attackers to hijack the authentication of an administrator for requests that create n…
|
CWE-352
Origin Validation Error
|
CVE-2010-0707
|
2017-08-17 10:32 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257383
|
- |
|
sun
|
java_system_directory_server
|
Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, Sun Java System Directory Server 5.2, and Sun Java System Directory Server Enter…
|
NVD-CWE-noinfo
|
CVE-2010-0708
|
2017-08-17 10:32 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257384
|
- |
|
limny
|
limny
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authentication of users or administrators for requests that change the email address o…
|
CWE-352
Origin Validation Error
|
CVE-2010-0709
|
2017-08-17 10:32 |
2010-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257385
|
- |
|
zenoss
|
zenoss
|
Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before 2.5, allow remote authenticated users to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2010-0712
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257386
|
- |
|
moinmo
|
moinmoin
|
The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not prevent unsafe package actions, which has unspecified impact and attack vectors.
|
CWE-16
Configuration
|
CVE-2010-0717
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257387
|
- |
|
microsoft
|
windows_media_player
|
Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted .mpg file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0718
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257388
|
- |
|
microsoft
|
windows_2000
windows_2003_server
windows_7
windows_server_2008
windows_vista
windows_xp
|
An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 does not validate arguments, which allows local users to cause a denia…
|
CWE-20
Improper Input Validation
|
CVE-2010-0719
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257389
|
- |
|
systemsoftware
|
erotik_auktionshaus
|
SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0720
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257390
|
- |
|
systemsoftware
|
auktionshaus_gelb
|
SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0721
|
2017-08-17 10:32 |
2010-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
