|
303401
|
- |
|
microsoft
|
.net_framework
|
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET in Microsoft Internet Information Services (IIS), provides detailed error codes during decryption …
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2010-3332
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303402
|
- |
|
egroupware
|
egroupware
|
Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309;…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3314
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303403
|
- |
|
egroupware
|
egroupware
|
phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 befor…
|
CWE-94
Code Injection
|
CVE-2010-3313
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303404
|
- |
|
linux
suse
canonical
|
linux_kernel
linux_enterprise_real_time_extension
ubuntu_linux
|
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit ent…
|
CWE-269
Improper Privilege Management
|
CVE-2010-3301
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303405
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certa…
|
CWE-399
Resource Management Errors
|
CVE-2010-3477
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303406
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action descrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3094
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303407
|
- |
|
drupal
|
drupal
|
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3093
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303408
|
- |
|
drupal
|
drupal
|
The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3092
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303409
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attacke…
|
CWE-20
Improper Input Validation
|
CVE-2010-3476
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303410
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3475
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
