|
305391
|
- |
|
moodle
|
moodle
|
The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2230
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305392
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2229
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305393
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2228
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305394
|
- |
|
linearcorp
|
emerge_50
emerge_5000
|
The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the de…
|
CWE-255
Credentials Management
|
CVE-2010-2469
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305395
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for con…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2468
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305396
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, w…
|
CWE-255
Credentials Management
|
CVE-2010-2467
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305397
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2466
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305398
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, stores sensitive information under the web root with insufficient access control, which al…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2465
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305399
|
- |
|
rsjoomla
|
com_rscomments
|
Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0.0 Rev 2 for Joomla! allow remote attackers to inject arbitrary web script or HTML via the (1) webs…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2464
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305400
|
- |
|
jamroom
|
jamroom
|
Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attackers to inject arbitrary web script or HTML via the post_id parameter in a modify action.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2463
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
