|
351961
|
- |
|
apache
|
apache_http_server
|
Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to bypass authentication, and read and possibly modify data, via vectors related to improper interactio…
|
CWE-362
Race Condition
|
CVE-2010-1151
|
2010-05-27 14:49 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351962
|
- |
|
moinmo
|
moinmoin
|
MoinMoin 1.7.x before 1.7.3 and 1.8.x before 1.8.3 checks parent ACLs in certain inappropriate circumstances during processing of hierarchical ACLs, which allows remote attackers to bypass intended a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2009-4762
|
2010-05-27 14:47 |
2010-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351963
|
- |
|
cisco
|
scientific_atlanta_webstar_dpc2100r2
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allow remote attackers to…
|
CWE-352
Origin Validation Error
|
CVE-2010-2025
|
2010-05-27 13:00 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351964
|
- |
|
cisco
|
scientific_atlanta_webstar_dpc2100r2
|
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 allows remote attackers to bypass authentication, and reset the modem or replace the fi…
|
CWE-287
Improper Authentication
|
CVE-2010-2026
|
2010-05-27 13:00 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351965
|
- |
|
cisco
|
scientific_atlanta_webstar_dpc2100r2
|
The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r1256-060303 has a default administrative password (aka SAPassword) of W2402, which makes it easier …
|
CWE-255
Credentials Management
|
CVE-2010-2082
|
2010-05-27 13:00 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351966
|
- |
|
microsoft
|
dynamics_gp
|
Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it easier for remote authenticated users to bypass intended access restrictions via unspecified vectors.
|
CWE-255
Credentials Management
|
CVE-2010-2083
|
2010-05-27 13:00 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351967
|
- |
|
novell
|
access_manager
|
The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restric…
|
CWE-287
Improper Authentication
|
CVE-2009-4879
|
2010-05-27 13:00 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351968
|
- |
|
rhinosoft
|
serv-u
|
Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Ses…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4873
|
2010-05-27 03:30 |
2010-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351969
|
- |
|
percha
|
com_perchafieldsattach
|
Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other im…
|
CWE-22
Path Traversal
|
CVE-2010-2036
|
2010-05-26 22:44 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
351970
|
- |
|
phorum
|
phorum
|
Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject arbitrary web script or HTML via an invalid email address.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1629
|
2010-05-26 14:48 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
