|
355321
|
- |
|
apple
|
mac_os_x_server
|
Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allows remote attackers to obtain sensitive information or possibly have unspecified other impact via a …
|
CWE-200
Information Exposure
|
CVE-2010-0523
|
2010-06-21 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355322
|
- |
|
apple
|
mac_os_x_server
|
Per: http://support.apple.com/kb/HT4077
'This issue only affects Mac OS X Server systems, and does not affect versions 10.6 or later.'
|
CWE-200
Information Exposure
|
CVE-2010-0523
|
2010-06-21 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355323
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during processing of a keychain that specifies multiple certificates for an e-mail recipient, which might make i…
|
CWE-310
Cryptographic Issues
|
CVE-2010-0525
|
2010-06-21 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355324
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the service access control list (SACL) for weblogs during weblog creation, which allows remote authenticated users to publish content…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0534
|
2010-06-21 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355325
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce the service access control list (SACL) for sending and receiving e-mail, which allows remote authenti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0535
|
2010-06-21 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355326
|
- |
|
apple
|
mac_os_x
mac_os_x_server
|
DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain circumstances involving an application's save panel, which allows user-assisted remote attackers to…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-0537
|
2010-06-18 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355327
|
- |
|
notsopureedit
|
notsopureedit
|
PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL…
|
CWE-94
Code Injection
|
CVE-2010-1216
|
2010-06-18 13:00 |
2010-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355328
|
- |
|
realitymedias
|
repairshop2
|
SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the prod parameter in a product…
|
CWE-89
SQL Injection
|
CVE-2010-1857
|
2010-06-14 04:18 |
2010-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355329
|
- |
|
xinha
s9y
|
wysiwyg_editor
serendipity
|
The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serendipity 1.5.2 and earlier, allows remote attackers to bypass intended access restrictions and modify …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1916
|
2010-06-14 04:18 |
2010-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355330
|
- |
|
zonecheck
|
zonecheck
|
Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) xmlnode.value, …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2155
|
2010-06-14 04:18 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
