|
303091
|
- |
|
apereo
|
phpcas
|
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directo…
|
CWE-22
Path Traversal
|
CVE-2010-3692
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303092
|
- |
|
apereo
|
phpcas
|
PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.
|
CWE-59
Link Following
|
CVE-2010-3691
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303093
|
- |
|
apereo
|
phpcas
|
Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabled, allow remote attackers to inject arbitrary web script or HTML via (1) a crafted Proxy Granting …
|
CWE-79
Cross-site Scripting
|
CVE-2010-3690
|
2024-11-21 10:19 |
2010-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303094
|
- |
|
alvaro_herrera
|
pl\/php
|
The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain p…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3781
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303095
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.
|
NVD-CWE-Other
|
CVE-2010-3780
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303096
|
- |
|
dovecot
|
dovecot
|
Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass inten…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3779
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303097
|
- |
|
dovecot
|
dovecot
|
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3707
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303098
|
- |
|
dovecot
|
dovecot
|
plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3706
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303099
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vecto…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3658
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303100
|
- |
|
adobe
|
acrobat
acrobat_reader
|
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service via unknown vectors, a different vuln…
|
NVD-CWE-noinfo
|
CVE-2010-3657
|
2024-11-21 10:19 |
2010-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
