|
271481
|
- |
|
phpf1
|
max\'s_image_uploader
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2010-0390
|
2011-01-12 14:00 |
2010-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271482
|
- |
|
embarcadero
|
interbase_smp_2009
|
Multiple stack-based buffer overflows in Embarcadero Technologies InterBase SMP 2009 9.0.3.437 allow remote attackers to execute arbitrary code via unknown vectors involving crafted packets. NOTE: t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-0391
|
2011-01-12 14:00 |
2010-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271483
|
- |
|
provider4u
|
vsftpd_webmin_module
|
Multiple unspecified vulnerabilities in the Vsftpd Webmin module before 1.3b for the Vsftpd server have unknown impact and attack vectors related to "Some security issues."
|
NVD-CWE-noinfo
|
CVE-2009-4457
|
2011-01-11 15:38 |
2009-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271484
|
- |
|
cisco
|
unified_meetingplace
|
Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not properly validate SQL commands, which allows remote attackers to create, modify, or delete data in …
|
CWE-89
SQL Injection
|
CVE-2010-0139
|
2011-01-7 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271485
|
- |
|
cisco
|
unified_meetingplace
|
MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to discover usernames, passwords, and unspecified other data from the user database via a modified auth…
|
CWE-255
Credentials Management
|
CVE-2010-0141
|
2011-01-7 14:00 |
2010-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271486
|
- |
|
xerox
|
workcentre_6400_net_controller
workcentre_6400_system_software
|
Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070.109.11407 through 060.070.109.29510, and Net Controller 060.079.11410 through 060.079.29310, allow…
|
CWE-200
Information Exposure
|
CVE-2010-0549
|
2011-01-6 14:00 |
2010-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271487
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in the Collaboration component in IBM WebSphere Portal 6.1.x before 6.1.0.3 allows remote attackers to inject arbitrary web script or HTML via the people pick…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4152
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271488
|
- |
|
joomlatune
|
com_proofreader
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in the ProofReader (com_proofreader) component 1.0 RC9 and earlier for Joomla! allow remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2009-4157
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271489
|
- |
|
roytanck
|
wp-cumulus
|
Cross-site scripting (XSS) vulnerability in wp-cumulus.php in the WP-Cumulus Plug-in before 1.22 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4169
|
2011-01-6 14:00 |
2009-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271490
|
- |
|
hp
|
decnet_plus_for_openvms
|
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restriction…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-5417
|
2011-01-5 14:00 |
2008-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
