|
346971
|
- |
|
php
|
php
|
The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that lack a trailing / (slash) character, which allows context-dependent attackers to bypass intended ac…
|
CWE-20
Improper Input Validation
|
CVE-2010-1129
|
2010-08-31 14:42 |
2010-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346972
|
- |
|
uninet
|
statsplus
|
Cross-site scripting (XSS) vulnerability in stat.pl in StatsPlus 1.25 allows remote attackers to inject arbitrary web script or HTML via (1) HTTP_USER_AGENT or (2) HTTP_REFERER, which is written to s…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2330
|
2010-08-30 13:00 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346973
|
- |
|
squid-cache
|
squid
|
The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STABLE8, and htcp.cc in 3.0 before 3.0.STABLE24, allows remote attackers to cause a denial of service (…
|
NVD-CWE-Other
|
CVE-2010-0639
|
2010-08-2 13:00 |
2010-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346974
|
- |
|
squid-cache
|
squid
|
Per: http://cwe.mitre.org/data/definitions/476.html
'NULL Pointer Dereference'
|
NVD-CWE-Other
|
CVE-2010-0639
|
2010-08-2 13:00 |
2010-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346975
|
- |
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to inject arbitrary web script or HTML via crafted Cascading Style Sheets …
|
CWE-79
Cross-site Scripting
|
CVE-2010-1647
|
2010-07-30 14:48 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346976
|
- |
|
mediawiki
|
mediawiki
|
Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3 allows remote attackers to hijack the authentication of users for re…
|
CWE-352
Origin Validation Error
|
CVE-2010-1648
|
2010-07-30 14:48 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346977
|
- |
|
openx
|
openx
|
Unspecified vulnerability in OpenX 2.8.1 and 2.8.2 allows remote attackers to bypass authentication and obtain access to an Administrator account via unknown vectors, possibly related to www/admin/in…
|
NVD-CWE-noinfo
CWE-287
Improper Authentication
|
CVE-2009-4830
|
2010-07-30 13:00 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346978
|
- |
|
cisco
|
ios
|
Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Pro…
|
NVD-CWE-noinfo
|
CVE-2010-0584
|
2010-07-13 14:50 |
2010-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346979
|
- |
|
frank-karau
|
phpfk_php_forum
|
Cross-site scripting (XSS) vulnerability in search.php in phpFK PHP Forum ohne 7.0.4 allows remote attackers to inject arbitrary web script or HTML via the search parameter. NOTE: the provenance of …
|
CWE-79
Cross-site Scripting
|
CVE-2009-4677
|
2010-07-13 14:48 |
2010-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
346980
|
- |
|
gnome
|
screensaver
|
gnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to ac…
|
NVD-CWE-Other
|
CVE-2009-4641
|
2010-07-7 13:00 |
2010-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
