|
344431
|
- |
|
saurus
|
saurus_cms
|
Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authenticated users, with "Article list" edit privileges, to inject arbitrary web script or HTML via the p…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1997
|
2018-10-11 04:58 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344432
|
- |
|
proxy2
|
advanced_poll
|
Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote attackers to inject arbitrary web script or HTML via the mysql_host parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2003
|
2018-10-11 04:58 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344433
|
- |
|
letodms
|
letodms
|
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in…
|
CWE-22
Path Traversal
|
CVE-2010-2006
|
2018-10-11 04:58 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344434
|
- |
|
letodms
|
letodms
|
Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and earlier allow remote attackers to hijack the authentication of administrators for requests that use (1…
|
CWE-352
Origin Validation Error
|
CVE-2010-2007
|
2018-10-11 04:58 |
2010-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344435
|
- |
|
createch-group
|
lisk_cms
|
Cross-site scripting (XSS) vulnerability in cp/edit_email.php in LiSK CMS 4.4 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2013
|
2018-10-11 04:58 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344436
|
- |
|
exim
|
exim
|
transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the st_nlink field of mailbox files, which allows local users to cause a denial o…
|
CWE-362
Race Condition
|
CVE-2010-2023
|
2018-10-11 04:58 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344437
|
- |
|
exim
|
exim
|
transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to change permissions of arbitrary files or create arbitrary files, and cause a denial of service or possi…
|
CWE-362
Race Condition
|
CVE-2010-2024
|
2018-10-11 04:58 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344438
|
- |
|
wolfram_research
|
mathematica
|
Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink attack on (1) files within /tmp/MathLink/ or (2) /tmp/fonts$$.conf.
|
CWE-59
Link Following
|
CVE-2010-2027
|
2018-10-11 04:58 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344439
|
- |
|
caucho
|
resin
|
Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology Resin Professional 3.1.5, 3.1.10, 4.0.6, and possibly other versions allow remote attackers to injec…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2032
|
2018-10-11 04:58 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
344440
|
- |
|
gpeasy
|
gpeasy_cms
|
Cross-site scripting (XSS) vulnerability in include/tool/editing_files.php in gpEasy CMS 1.6.2 allows remote authenticated users, with Edit privileges, to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2038
|
2018-10-11 04:58 |
2010-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
