|
298861
|
- |
|
typo3
|
typo3
|
Directory traversal vulnerability in the TypoScript setup in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allows remote authenticated administrators to read arbitrary files v…
|
CWE-22
Path Traversal
|
CVE-2010-5101
|
2024-11-21 10:22 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298862
|
- |
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in the Install Tool in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5 allow remote authenticated users to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5100
|
2024-11-21 10:22 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298863
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the FORM content object in TYPO3 4.2.x before 4.2.16, 4.3.x before 4.3.9, and 4.4.x before 4.4.5, allows remote authenticated users to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5098
|
2024-11-21 10:22 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298864
|
- |
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the click enlarge functionality in TYPO3 4.3.x before 4.3.9 and 4.4.x before 4.4.5 when the caching framework is enabled, allows remote attackers to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2010-5097
|
2024-11-21 10:22 |
2012-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298865
|
- |
|
bitweaver
|
bitweaver
|
Directory traversal vulnerability in wiki/rankings.php in Bitweaver 2.7 and 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the style parameter.
|
CWE-22
Path Traversal
|
CVE-2010-5086
|
2024-11-21 10:22 |
2012-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298866
|
- |
|
hulihanapplications
|
amethyst
|
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators …
|
CWE-352
Origin Validation Error
|
CVE-2010-5085
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298867
|
- |
|
e107
|
e107
|
The cross-site request forgery (CSRF) protection mechanism in e107 before 0.7.23 uses a predictable random token based on the creation date of the administrator account, which allows remote attackers…
|
CWE-352
Origin Validation Error
|
CVE-2010-5084
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298868
|
- |
|
phpnuke
|
web_links_module
php-nuke
|
SQL injection vulnerability in the Web_Links module for PHP-Nuke 8.0 allows remote attackers to execute arbitrary SQL commands via the url parameter in an Add action to modules.php.
|
CWE-89
SQL Injection
|
CVE-2010-5083
|
2024-11-21 10:22 |
2012-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298869
|
- |
|
microsoft
|
windows_server_2008
|
Untrusted search path vulnerability in colorcpl.exe 6.0.6000.16386 in the Color Control Panel in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 allows local users to gain privileges via a Trojan h…
|
NVD-CWE-Other
|
CVE-2010-5082
|
2024-11-21 10:22 |
2012-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298870
|
- |
|
mini-stream
|
rm-mp3_converter
|
Stack-based buffer overflow in Mini-Stream RM-MP3 Converter 3.1.2.1 allows remote attackers to execute arbitrary code via a long URL in a .pls file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-5081
|
2024-11-21 10:22 |
2011-12-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
