|
310411
|
- |
|
mahara
|
mahara
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 allow remote attackers to hijack the authentication of unspecified victi…
|
CWE-352
Origin Validation Error
|
CVE-2010-1668
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310412
|
- |
|
mahara
|
mahara
|
Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 allow remote attackers to inject arbitrary web script or HTML via unspecified v…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1667
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310413
|
- |
|
cisco
|
content_services_switch_11500
ace_4710
|
The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR …
|
CWE-20
Improper Input Validation
|
CVE-2010-1576
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310414
|
- |
|
cisco
|
content_services_switch_11500
|
The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1575
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310415
|
- |
|
tornadostore
|
tornadostore
|
Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) tipo or (2) destino parameter to login_…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1328
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310416
|
- |
|
tornadostore
|
tornadostore
|
Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL commands via (1) the marca parameter to precios.php3 or (2) the where paramete…
|
CWE-89
SQL Injection
|
CVE-2010-1327
|
2024-11-21 10:14 |
2010-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310417
|
- |
|
dan_pascu
|
python-cjson
|
Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1666
|
2024-11-21 10:14 |
2010-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310418
|
- |
|
ordasoft
|
com_booklibrary
|
Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 before 1.5.3_2010_06_20 for Joomla! allow remote attackers to execute arbitrary SQL commands via the …
|
CWE-89
SQL Injection
|
CVE-2010-1522
|
2024-11-21 10:14 |
2010-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310419
|
- |
|
taskfreak
|
taskfreak\!
|
SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to execute arbitrary SQL commands via the password parameter to logi…
|
CWE-89
SQL Injection
|
CVE-2010-1521
|
2024-11-21 10:14 |
2010-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310420
|
- |
|
taskfreak
|
taskfreak\!
|
Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.4 allows remote attackers to inject arbitrary web script or HTML via the tznMessage parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1520
|
2024-11-21 10:14 |
2010-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
