|
310611
|
- |
|
splunk
|
splunk
|
Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
|
NVD-CWE-Other
|
CVE-2010-3323
|
2024-11-21 10:18 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310612
|
8.8 |
HIGH
Network
|
splunk
|
splunk
|
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
|
CWE-611
XXE
|
CVE-2010-3322
|
2024-11-21 10:18 |
2010-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310613
|
- |
|
ibm
|
filenet_content_manager
|
Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified ve…
|
CWE-20
Improper Input Validation
|
CVE-2010-3320
|
2024-11-21 10:18 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310614
|
- |
|
ibm
|
filenet_content_manager
|
IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file.
|
CWE-255
Credentials Management
|
CVE-2010-3319
|
2024-11-21 10:18 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310615
|
- |
|
ibm
|
filenet_content_manager
|
IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.
|
CWE-255
Credentials Management
|
CVE-2010-3318
|
2024-11-21 10:18 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310616
|
- |
|
ibm
|
filenet_content_manager
|
Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3317
|
2024-11-21 10:18 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310617
|
- |
|
flock
|
flock
|
Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 allows remote attackers to inject arbitrary web script or HTML via a crafted bookmark.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3202
|
2024-11-21 10:18 |
2010-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310618
|
- |
|
phpmyadmin
|
phpmyadmin
|
Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote attackers to inject arbitrary web script or HTML via a server n…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3263
|
2024-11-21 10:18 |
2010-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310619
|
- |
|
tigris
|
tortoisesvn
|
Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3199
|
2024-11-21 10:18 |
2010-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
310620
|
- |
|
mozilla
|
firefox
seamonkey
thunderbird
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow r…
|
NVD-CWE-noinfo
|
CVE-2010-3169
|
2024-11-21 10:18 |
2010-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
