|
355241
|
- |
|
jce-tech
|
php_calendars_script
|
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a …
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2010-0380
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355242
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a show_stats action…
|
CWE-89
SQL Injection
|
CVE-2010-0381
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355243
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action.…
|
CWE-89
SQL Injection
|
CVE-2010-0377
|
2010-01-23 03:30 |
2010-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355244
|
- |
|
sambar
|
sambar_server
|
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter.
|
NVD-CWE-Other
|
CVE-2000-0835
|
2010-01-16 14:00 |
2000-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355245
|
- |
|
webtrends
|
reporting_center
|
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an…
|
CWE-200
Information Exposure
|
CVE-2002-0596
|
2010-01-16 14:00 |
2002-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355246
|
- |
|
tftpd32
|
tftpd32
|
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2353
|
2009-11-24 14:15 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355247
|
- |
|
jean-jacques_sarton
|
mtink
|
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.
|
NVD-CWE-Other
|
CVE-2005-4604
|
2009-11-12 14:51 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355248
|
- |
|
openoffice
|
openoffice
|
OpenOffice.org 2.0 and earlier, when hyperlinks has been disabled, does not prevent the user from clicking the WWW-browser button in the Hyperlink dialog, which makes it easier for attackers to trick…
|
NVD-CWE-Other
|
CVE-2005-4636
|
2009-11-12 14:51 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355249
|
- |
|
dec
|
dec_openvms
|
Vulnerability in Monitor utility (SYS$SHARE:SPISHR.EXE) in VMS 5.0 through 5.4-2 allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1395
|
2009-10-31 13:02 |
1992-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
355250
|
- |
|
apple
|
mac_os_x
|
Mac OS X 10.3.9 and earlier allows users to install, create, and execute setuid/setgid scripts, contrary to the intended design, which may allow attackers to conduct unauthorized activities with esca…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-0970
|
2009-10-14 13:00 |
2005-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
