|
344621
|
- |
|
becauseinter
|
bournal
|
Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files associated with a --hack_the_gibson update check.
|
CWE-59
Link Following
|
CVE-2010-0118
|
2018-10-11 04:51 |
2010-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344622
|
- |
|
becauseinter
|
bournal
|
Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows local users to obtain sensitive information by listing the process and its argum…
|
CWE-200
Information Exposure
|
CVE-2010-0119
|
2018-10-11 04:51 |
2010-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344623
|
- |
|
timeclock-software
|
employee_timeclock_software
|
Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter to (a) auth.php or (…
|
CWE-89
SQL Injection
|
CVE-2010-0122
|
2018-10-11 04:51 |
2010-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344624
|
- |
|
timeclock-software
|
employee_timeclock_software
|
The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a da…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0123
|
2018-10-11 04:51 |
2010-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344625
|
- |
|
timeclock-software
|
employee_timeclock_software
|
Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.
|
CWE-255
Credentials Management
|
CVE-2010-0124
|
2018-10-11 04:51 |
2010-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344626
|
- |
|
viewvc
|
viewvc
|
Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the regular expression search functionality is enabled, allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2010-0132
|
2018-10-11 04:51 |
2010-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344627
|
- |
|
mozilla
|
firefox
seamonkey
|
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows rem…
|
CWE-399
Resource Management Errors
|
CVE-2010-0160
|
2018-10-11 04:51 |
2010-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344628
|
- |
|
mozilla
|
firefox
|
Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of s…
|
CWE-399
Resource Management Errors
|
CVE-2010-0164
|
2018-10-11 04:51 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344629
|
- |
|
sun
|
jre
jdk
|
Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java for Business 6 Update 18 allows remote attackers to affect integrity and availability via unknown ve…
|
NVD-CWE-noinfo
|
CVE-2010-0090
|
2018-10-11 04:50 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344630
|
- |
|
sun
|
jre
jdk
|
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, and 5.0 Update 23 allows remote attackers to affect confidentiality, integrity…
|
NVD-CWE-noinfo
|
CVE-2010-0092
|
2018-10-11 04:50 |
2010-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
