|
354481
|
- |
|
sun
|
opensolaris
|
The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an unspecified impact via vectors related to using kclient to join a Windows Active Directory domain.
|
CWE-16
Configuration
|
CVE-2010-0559
|
2010-05-25 14:51 |
2010-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354482
|
- |
|
info-zip
|
unzip
|
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
|
NVD-CWE-Other
|
CVE-2001-1268
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354483
|
- |
|
info-zip
|
unzip
|
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
|
NVD-CWE-Other
|
CVE-2001-1269
|
2010-05-25 13:10 |
2001-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354484
|
- |
|
xfree86_project
|
xfree86_x_server
|
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
|
NVD-CWE-Other
|
CVE-2001-1409
|
2010-05-25 13:10 |
2003-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354485
|
- |
|
sebrac.webcindario
|
migascms
|
SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the categorie parameter in a catalogo act…
|
CWE-89
SQL Injection
|
CVE-2010-2012
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354486
|
- |
|
createch-group
|
lisk_cms
|
Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the cl or possibly id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2014
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354487
|
- |
|
createch-group
|
lisk_cms
|
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id par…
|
CWE-89
SQL Injection
|
CVE-2010-2015
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354488
|
- |
|
bukulokomedia
|
lokomedia_cms
|
Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allows remote attackers to inject arbitrary web script or HTML via the kata parameter. NOTE: some of t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2017
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354489
|
- |
|
bukulokomedia
|
lokomedia_cms
|
SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the file parameter. NOTE: the prov…
|
CWE-89
SQL Injection
|
CVE-2010-2019
|
2010-05-25 02:30 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
354490
|
- |
|
apple
|
java
|
Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 do not properly handle mediaLibImage objects, which allows remote attackers to execute arbitrary code or cause …
|
CWE-399
Resource Management Errors
|
CVE-2010-0538
|
2010-05-24 13:00 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
