|
352961
|
- |
|
peter_hocherl
|
com_tweetla
|
Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2010-1533
|
2010-05-24 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352962
|
- |
|
peter_hocherl
|
com_travelbook
|
Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (d…
|
CWE-22
Path Traversal
|
CVE-2010-1535
|
2010-05-24 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352963
|
- |
|
myblog
|
com_myblog
|
Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. NOTE…
|
CWE-22
Path Traversal
|
CVE-2010-1540
|
2010-05-24 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352964
|
- |
|
bsplayer
|
bs.player
|
Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code v…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-2009
|
2010-05-24 13:00 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352965
|
- |
|
microsoft
|
dynamics_gp
|
Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecified other fields, which makes it easier for remote authenticated users to obtain sensitive informatio…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2011
|
2010-05-24 13:00 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352966
|
- |
|
scriptsez
|
mini_hosting_panel
|
Cross-site request forgery (CSRF) vulnerability in hosting/admin_ac.php in ScriptsEz Mini Hosting Panel allows remote attackers to hijack the authentication of administrators for requests that alter …
|
CWE-352
Origin Validation Error
|
CVE-2009-4826
|
2010-05-24 13:00 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352967
|
- |
|
scriptez
|
mail_manager_pro
|
Cross-site request forgery (CSRF) vulnerability in admin.php in Mail Manager Pro allows remote attackers to hijack the authentication of administrators for requests that change the admin password via…
|
CWE-352
Origin Validation Error
|
CVE-2009-4827
|
2010-05-24 13:00 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352968
|
- |
|
phpwebscripts
|
ad_manager_pro
|
Cross-site request forgery (CSRF) vulnerability in administration/admins.php in Ad Manager Pro (aka AdManagerPro) 3.0 allows remote attackers to hijack the authentication of administrators for reques…
|
CWE-352
Origin Validation Error
|
CVE-2009-4828
|
2010-05-24 13:00 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352969
|
- |
|
stafford.uklinux
|
libesmtp
|
libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attack…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1192
|
2010-05-22 14:46 |
2010-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
352970
|
- |
|
stafford.uklinux
|
libesmtp
|
The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attac…
|
CWE-310
Cryptographic Issues
|
CVE-2010-1194
|
2010-05-22 14:46 |
2010-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
