|
352321
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate …
|
NVD-CWE-Other
|
CVE-2009-4642
|
2010-03-22 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352322
|
- |
|
dmanager
|
documentmanager
|
Unspecified vulnerability in DocumentManager before 4.0 has unknown impact and attack vectors, related to file rights.
|
NVD-CWE-noinfo
|
CVE-2010-0612
|
2010-03-18 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352323
|
- |
|
citrix
|
xenserver
|
Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users to bypass authentication and execute unspecified Xen API (XAPI) calls via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-0633
|
2010-03-18 13:00 |
2010-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352324
|
- |
|
joomlamo
|
com_cartweberp
|
Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to in…
|
CWE-22
Path Traversal
|
CVE-2010-0982
|
2010-03-18 03:44 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352325
|
- |
|
dzcp
|
dev\!l\'z_clanportal
|
PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the …
|
CWE-94
Code Injection
|
CVE-2010-0966
|
2010-03-17 22:27 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352326
|
- |
|
geekhelps
|
admp
|
SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to execute arbitrary SQL commands via the click parameter.
|
CWE-89
SQL Injection
|
CVE-2010-0968
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352327
|
- |
|
pordus
|
pd_portal
|
PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/db.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0977
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352328
|
- |
|
obsession-design
|
image-gallery
|
Cross-site scripting (XSS) vulnerability in display.php in Obsession-Design Image-Gallery (ODIG) 1.1 allows remote attackers to inject arbitrary web script or HTML via the folder parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-0979
|
2010-03-17 13:00 |
2010-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352329
|
- |
|
robert_heel
|
cwt_resetbepassword
|
SQL injection vulnerability in the Reset backend password (cwt_resetbepassword) extension 1.20 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2009-4710
|
2010-03-17 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352330
|
- |
|
alexandre_amaral
|
xoops_celepar
|
Cross-site scripting (XSS) vulnerability in the quiz module for XOOPS Celepar allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to cadastro_usuario.php.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4714
|
2010-03-17 13:00 |
2010-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
