|
287461
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via (1) the CommenterURL parameter to PostCommentForm, a…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1593
|
2018-10-11 04:57 |
2010-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287462
|
- |
|
sap
|
netweaver
|
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-1609
|
2018-10-11 04:57 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287463
|
- |
|
opencart
|
opencart
|
Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers to hijack the authentication of an application administrator for requests that create an administr…
|
CWE-352
Origin Validation Error
|
CVE-2010-1610
|
2018-10-11 04:57 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287464
|
- |
|
ibm
|
websphere_datapower_xml_accelerator_xa35
websphere_datapower_xml_security_gateway_xs40
websphere_datapower_datapower_integration_appliance_xi50
websphere_datapower_b2b_appliance_xb60
webs…
|
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGI…
|
NVD-CWE-Other
|
CVE-2010-1612
|
2018-10-11 04:57 |
2010-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287465
|
- |
|
artifex
|
gpl_ghostscript
|
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trig…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1628
|
2018-10-11 04:57 |
2010-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287466
|
- |
|
todd_miller
|
sudo
|
The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-1646
|
2018-10-11 04:57 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287467
|
- |
|
powereasy
|
siteweaver
|
Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy SiteWeaver 6.8 allows remote attackers to inject arbitrary web script or HTML via the ComeUrl parame…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1655
|
2018-10-11 04:57 |
2010-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287468
|
- |
|
microsoft
|
visio
|
Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-1681
|
2018-10-11 04:57 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287469
|
- |
|
zikula
|
zikula_application_framework
|
Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) func paramet…
|
CWE-79
Cross-site Scripting
|
CVE-2010-1724
|
2018-10-11 04:57 |
2010-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
287470
|
- |
|
apple
|
safari
webkit
|
Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or caus…
|
CWE-399
Resource Management Errors
|
CVE-2010-1749
|
2018-10-11 04:57 |
2010-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
