|
298631
|
- |
|
silverstripe
|
silverstripe
|
The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by cha…
|
CWE-94
Code Injection
|
CVE-2010-5091
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298632
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe before 2.4.2 allows remote authenticated users to change administrator passwords via vectors related to admin/security.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5090
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298633
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe before 2.4.2 does not properly restrict access to pages in draft mode, which allows remote attackers to obtain sensitive information.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5089
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298634
|
- |
|
silverstripe
|
silverstripe
|
Multiple cross-site request forgery (CSRF) vulnerabilities in SilverStripe 2.3.x before 2.3.9 and 2.4.x before 2.4.3 allow remote attackers to hijack the authentication of administrators via destruct…
|
CWE-352
Origin Validation Error
|
CVE-2010-5088
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298635
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators vi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5087
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298636
|
- |
|
silverstripe
|
silverstripe
|
The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attack…
|
CWE-255
CWE-352
Credentials Management
Origin Validation Error
|
CVE-2010-5080
|
2024-11-21 10:22 |
2012-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298637
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 4.1.150349.920 allows remote attackers to cause a denial of service (application crash) via a crafted file.
|
NVD-CWE-noinfo
|
CVE-2010-5186
|
2024-11-21 10:22 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298638
|
- |
|
comodo
|
comodo_internet_security
|
The Antivirus component in Comodo Internet Security before 5.3.174622.1216 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote …
|
CWE-20
Improper Input Validation
|
CVE-2010-5185
|
2024-11-21 10:22 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298639
|
- |
|
checkpoint
|
zonealarm_extreme_security
|
Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler …
|
CWE-362
Race Condition
|
CVE-2010-5184
|
2024-11-21 10:22 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298640
|
- |
|
webroot
|
internet_security_essentials
|
Race condition in Webroot Internet Security Essentials 6.1.0.145 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a …
|
CWE-362
Race Condition
|
CVE-2010-5183
|
2024-11-21 10:22 |
2012-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
