|
353771
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198, 1.197, and earlier allow remote attackers to hijack the authentication of administrators for reque…
|
CWE-352
Origin Validation Error
|
CVE-2010-1542
|
2010-04-28 01:43 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353772
|
- |
|
mearra
|
addthis
|
Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x before 6.x-2.9 for Drupal allows remote authenticated users, with administer addthis privileges, to in…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1536
|
2010-04-28 01:04 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353773
|
- |
|
wolfram
|
webmathematica
|
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.
|
CWE-200
Information Exposure
|
CVE-2009-4812
|
2010-04-28 00:30 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353774
|
- |
|
mybboard
|
mybb
|
Cross-site scripting (XSS) vulnerability in myps.php in MyBB (aka MyBulletinBoard) 1.4.10 allows remote attackers to inject arbitrary web script or HTML via the username parameter in a donate action.
|
CWE-79
Cross-site Scripting
|
CVE-2009-4813
|
2010-04-28 00:30 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353775
|
- |
|
reyero
|
i18n
|
Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.x-1.4 for Drupal allow remote authenticated users, with translate interface or administer blocks pr…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1530
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353776
|
- |
|
givesight
|
com_powermail
|
Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact…
|
CWE-22
Path Traversal
|
CVE-2010-1532
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353777
|
- |
|
dragonfrugal
|
dfd_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) category and (2) list_quantity para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1541
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353778
|
- |
|
acme
rca
|
micro_httpd
digital_cable_modem
|
micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (device reboot) via a long string to TCP port 80.
|
CWE-20
Improper Input Validation
|
CVE-2010-1544
|
2010-04-27 13:00 |
2010-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353779
|
- |
|
samhain_labs
|
samhain
|
The Secure Remote Password (SRP) implementation in Samhain before 2.5.4 does not check for a certain zero value where required by the protocol, which allows remote attackers to bypass authentication …
|
CWE-20
Improper Input Validation
|
CVE-2009-4810
|
2010-04-27 01:17 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
353780
|
- |
|
palosanto
|
elastix
|
Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the id_nodo parameter. NOTE: the provenance of this in…
|
CWE-22
Path Traversal
|
CVE-2010-1492
|
2010-04-26 13:00 |
2010-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
