|
358341
|
- |
|
jasper
|
httpdx
|
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET re…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2009-4769
|
2010-06-7 13:00 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358342
|
- |
|
jasper
|
httpdx
|
The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 has a default password of pass123 for the moderator account, which makes it easier for remote attackers to obtain privileged acce…
|
CWE-255
Credentials Management
|
CVE-2009-4770
|
2010-06-7 13:00 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358343
|
- |
|
hitachi
|
ucosminexus\/opentp1_web_web_front-endset
ucosminexus_application_server
ucosminexus_client
ucosminexus_collaboration
ucosminexus_developer
ucosminexus_operator
ucosminexus_service_…
|
Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C+…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2009-4776
|
2010-06-7 13:00 |
2010-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358344
|
- |
|
kolab
|
kolab_server
|
Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an "image upload form."
|
NVD-CWE-noinfo
|
CVE-2009-4824
|
2010-06-5 14:31 |
2010-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358345
|
- |
|
zeeways
|
ebay_clone_auction_script
|
Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allows remote attackers to inject arbitrary web script or HTML via the msg parameter. NOTE: some of th…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2144
|
2010-06-4 13:00 |
2010-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358346
|
- |
|
graviton-mediatech
|
visitor_logger
|
PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VL_include_path parameter.
|
CWE-94
Code Injection
|
CVE-2010-2146
|
2010-06-4 13:00 |
2010-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358347
|
- |
|
fujitsu
|
e-pares
|
Cross-site scripting (XSS) vulnerability Fujitsu e-Pares V01 L01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2150
|
2010-06-4 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358348
|
- |
|
fujitsu
|
e-pares
|
Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L30, and L40 allows remote attackers to hijack the authentication of users for requests that modify …
|
CWE-352
Origin Validation Error
|
CVE-2010-2151
|
2010-06-4 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358349
|
- |
|
tecnick
|
tcexam
|
Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1.006 and 10.1.007 allows remote attackers to execute arbitrary code by uploading a file with an exe…
|
NVD-CWE-Other
|
CVE-2010-2153
|
2010-06-4 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358350
|
- |
|
tecnick
|
tcexam
|
Per: http://cwe.mitre.org/data/definitions/434.html
'CWE-434: Unrestricted Upload of File with Dangerous Type'
|
NVD-CWE-Other
|
CVE-2010-2153
|
2010-06-4 13:00 |
2010-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
