|
345381
|
- |
|
chaos_tool_suite_project
|
ctools
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal allow remote attackers to hijack the authentication of administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-1547
|
2017-08-17 10:32 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345382
|
- |
|
chaos_tool_suite_project
|
ctools
|
The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for Drupal does not follow access restrictions, which allows remote authenticated users, with "access co…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1548
|
2017-08-17 10:32 |
2010-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345383
|
- |
|
hp
|
multifunction_peripheral_digital_sending_software
|
Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtai…
|
NVD-CWE-noinfo
|
CVE-2010-1558
|
2017-08-17 10:32 |
2010-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345384
|
- |
|
cisco
|
unified_contact_center_express
customer_response_solution
unified_ip_interactive_voice_response
|
The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote …
|
NVD-CWE-noinfo
|
CVE-2010-1570
|
2017-08-17 10:32 |
2010-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345385
|
- |
|
cisco
|
unified_contact_center_express
customer_response_solution
unified_ip_interactive_voice_response
|
Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows re…
|
CWE-22
Path Traversal
|
CVE-2010-1571
|
2017-08-17 10:32 |
2010-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345386
|
- |
|
cisco
|
application_extension_framework
|
Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platform (AXP) 1.1 and 1.1.5 allows local users to obtain sensitive configuration information and gain ad…
|
NVD-CWE-noinfo
|
CVE-2010-1572
|
2017-08-17 10:32 |
2010-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345387
|
- |
|
taskfreak
tirzen
|
taskfreak\!
tirzen_framework
|
SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php in Tirzen (aka TZN) Framework 1.5, as used in TaskFreak! before 0.6.3, allows remote attackers to e…
|
CWE-89
SQL Injection
|
CVE-2010-1583
|
2017-08-17 10:32 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345388
|
- |
|
steven_jones
|
context
|
Cross-site scripting (XSS) vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows remote authenticated users, with Administer Blocks privileges, to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1584
|
2017-08-17 10:32 |
2010-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345389
|
- |
|
hp
|
system_management_homepage
|
Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the Redire…
|
CWE-20
Improper Input Validation
|
CVE-2010-1586
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
345390
|
- |
|
vpasp
|
vp-asp_shopping_cart
|
SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping Cart 6.50 and earlier allows remote attackers to execute arbitrary SQL commands…
|
CWE-89
SQL Injection
|
CVE-2010-1588
|
2017-08-17 10:32 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
