|
350751
|
- |
|
tor
|
tor
|
Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory authority, allows remote attackers to obtain sensitive information about bridge identities and bridge des…
|
CWE-200
Information Exposure
|
CVE-2010-0385
|
2010-01-26 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350752
|
- |
|
ibm
|
lotus_domino_server
|
The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 through 8.0, enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authen…
|
CWE-16
Configuration
|
CVE-2008-7253
|
2010-01-26 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350753
|
- |
|
oracle
|
database_server
|
Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 10.1.0.4 (10g) allows remote authenticated attackers to affect availability via unknown vectors, aka DB02.
|
NVD-CWE-noinfo
|
CVE-2005-4884
|
2010-01-26 14:00 |
2010-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350754
|
- |
|
jce-tech
|
php_calendars_script
|
install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intended access restrictions and modify application settings via a direct request. NOTE: this is only a …
|
CWE-16
CWE-264
Configuration
Permissions, Privileges, and Access Controls
|
CVE-2010-0380
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350755
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a show_stats action…
|
CWE-89
SQL Injection
|
CVE-2010-0381
|
2010-01-25 14:00 |
2010-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350756
|
- |
|
phpmyspace
|
phpmyspace
|
SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 allows remote attackers to execute arbitrary SQL commands via the gid parameter in a play_game action.…
|
CWE-89
SQL Injection
|
CVE-2010-0377
|
2010-01-23 03:30 |
2010-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350757
|
- |
|
sambar
|
sambar_server
|
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter.
|
NVD-CWE-Other
|
CVE-2000-0835
|
2010-01-16 14:00 |
2000-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350758
|
- |
|
webtrends
|
reporting_center
|
WebTrends Reporting Center 4.0d allows remote attackers to determine the real path of the web server via a GET request to get_od_toc.pl with an empty Profile parameter, which leaks the pathname in an…
|
CWE-200
Information Exposure
|
CVE-2002-0596
|
2010-01-16 14:00 |
2002-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350759
|
- |
|
tftpd32
|
tftpd32
|
tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2353
|
2009-11-24 14:15 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
350760
|
- |
|
jean-jacques_sarton
|
mtink
|
Buffer overflow in MTink in the printer-filters-utils package allows local users to execute arbitrary code via a long HOME environment variable.
|
NVD-CWE-Other
|
CVE-2005-4604
|
2009-11-12 14:51 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
