|
348171
|
- |
|
mybb
|
mybb
|
Multiple unspecified vulnerabilities in MyBulletinBoard (MyBB) before 1.0.2 have unspecified impact and attack vectors, related to (1) admin/moderate.php, (2) admin/themes.php, (3) inc/functions.php,…
|
NVD-CWE-noinfo
|
CVE-2006-0218
|
2013-01-3 14:00 |
2006-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348172
|
- |
|
invisionpower
|
invision_power_board
|
The make_password function in ipsclass.php in Invision Power Board (IPB) 2.1.4 uses random data generated from partially predictable seeds to create the authentication code that is sent by e-mail to …
|
CWE-287
Improper Authentication
|
CVE-2006-0633
|
2013-01-3 14:00 |
2006-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348173
|
- |
|
zen-cart
|
zen_cart
|
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2006-0697
|
2013-01-3 14:00 |
2006-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348174
|
- |
|
e107
|
e107
|
Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote attackers to conduct SQL injection attacks via the loginname parameter.
|
NVD-CWE-Other
|
CVE-2010-2098
|
2012-12-13 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348175
|
- |
|
e107
|
e107
|
Per: http://cwe.mitre.org/data/definitions/184.html
'CWE-184: Incomplete Blacklist'
|
NVD-CWE-Other
|
CVE-2010-2098
|
2012-12-13 13:00 |
2010-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348176
|
- |
|
kerio
|
personal_firewall
serverfirewall
|
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Env…
|
NVD-CWE-Other
|
CVE-2005-3286
|
2012-12-13 11:43 |
2005-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348177
|
- |
|
freebsd
|
freebsd
|
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, when vfs.usermount is enabled, does not validate the length of a certain fhsize parameter, which allo…
|
CWE-20
Improper Input Validation
|
CVE-2010-2020
|
2012-11-6 13:41 |
2010-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348178
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
TikiWiki before 1.8.5 does not properly validate files that have been uploaded to the temp directory, which could allow remote attackers to upload and execute arbitrary PHP scripts, a different vulne…
|
CWE-20
Improper Input Validation
|
CVE-2005-0200
|
2012-10-24 13:00 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348179
|
- |
|
tiki
|
tikiwiki_cms\/groupware
|
Cross-site scripting (XSS) vulnerability in TikiWiki before 1.9.1.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2005-3283
|
2012-10-24 13:00 |
2005-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
348180
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0851
|
2012-10-23 12:20 |
2010-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
