|
303411
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3474
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303412
|
- |
|
ibm
|
filenet_p8_application_engine
|
Open redirect vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allows remote attackers to redirect users to arbitrary web sites and…
|
CWE-20
Improper Input Validation
|
CVE-2010-3473
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303413
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 allow remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3472
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303414
|
- |
|
ibm
|
filenet_p8_application_engine
|
Session fixation vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 4.0.2.x before 4.0.2.7-P8AE-FP007 allows remote attackers to hijack web sessions via uns…
|
CWE-287
Improper Authentication
|
CVE-2010-3471
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303415
|
- |
|
ibm
|
filenet_p8_application_engine
|
Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileNet P8 Application Engine (P8AE) 3.5.1 before 3.5.1-021 and 4.0.2.x before 4.0.2.7-P8AE-FP007 allow …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3470
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303416
|
- |
|
flock
|
flock
|
Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before 3.0.0.4114 allows remote attackers to inject arbitrary web script or HTML via a crafted RSS feed.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3262
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303417
|
- |
|
microsoft
|
word
|
MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attackers to cause a denial of service (NULL pointer dereference and multiple-instance application crash) via a crafted buffer in a Wo…
|
NVD-CWE-Other
|
CVE-2010-3200
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303418
|
- |
|
e-xoopport
|
samsara
|
SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, when the Tutorial module is enabled, allows remote attackers to execute arbitrary SQL commands via the…
|
CWE-89
SQL Injection
|
CVE-2010-3467
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303419
|
- |
|
netartmedia
|
iboutique.mall
|
Cross-site scripting (XSS) vulnerability in index.php in the hosted_signup module in NetArt Media iBoutique.MALL 1.2 allows remote attackers to inject arbitrary web script or HTML via the tmpl parame…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3466
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303420
|
- |
|
ecommercesoft
|
xse_shopping_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to Default.aspx and…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3465
|
2024-11-21 10:18 |
2010-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
