|
298091
|
6.1 |
MEDIUM
Network
|
icewarp
|
webclient
|
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.
|
CWE-79
Cross-site Scripting
|
CVE-2010-5337
|
2024-11-21 10:23 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298092
|
6.1 |
MEDIUM
Network
|
icewarp
|
webclient
|
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.
|
CWE-79
Cross-site Scripting
|
CVE-2010-5336
|
2024-11-21 10:23 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298093
|
7.5 |
HIGH
Network
|
icewarp
|
webclient
|
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parame…
|
CWE-22
Path Traversal
|
CVE-2010-5335
|
2024-11-21 10:23 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298094
|
7.5 |
HIGH
Network
|
icewarp
|
webclient
|
IceWarp Webclient before 10.2.1 has a directory traversal vulnerability. This can result in loss of confidential data of IceWarp Mailserver and the operating system. Input passed via a certain parame…
|
CWE-22
Path Traversal
|
CVE-2010-5334
|
2024-11-21 10:23 |
2019-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298095
|
9.8 |
CRITICAL
Network
|
integard_home_project
integard_pro_project
|
integard_home
integard_pro
|
The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code exec…
|
CWE-120
Classic Buffer Overflow
|
CVE-2010-5333
|
2024-11-21 10:23 |
2019-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298096
|
5.6 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5332
|
2024-11-21 10:23 |
2019-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298097
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 2.6.34, a range check issue in drivers/gpu/drm/radeon/atombios.c could cause an off by one (buffer overflow) problem. NOTE: At least one Linux maintainer believes that this…
|
CWE-193
Off-by-one Error
|
CVE-2010-5331
|
2024-11-21 10:23 |
2019-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298098
|
9.8 |
CRITICAL
Network
|
ui
|
airos
|
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the ifname variable is not sanitized, as demonstrated by shell metacharacters. The fi…
|
CWE-77
Command Injection
|
CVE-2010-5330
|
2024-11-21 10:23 |
2019-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298099
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
rslogix
plc5_1785-lx_firmware
slc5\/01_1747-l5x_firmware
|
The potential exists for exposure of the product's password used to restrict unauthorized access to Rockwell PLC5/SLC5/0x/RSLogix 1785-Lx and 1747-L5x controllers. The potential exists for an unautho…
|
CWE-284
Improper Access Control
|
CVE-2010-5305
|
2024-11-21 10:23 |
2019-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298100
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which mi…
|
CWE-399
Resource Management Errors
|
CVE-2010-5329
|
2024-11-21 10:23 |
2017-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
