|
299901
|
8.8 |
HIGH
Network
|
typo3
|
typo3
|
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an insecure default value of the variable fileDenyPattern which could allow remote attackers to execute ar…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2010-3663
|
2024-11-21 10:19 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299902
|
8.8 |
HIGH
Network
|
typo3
|
typo3
|
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injection on the backend.
|
CWE-89
SQL Injection
|
CVE-2010-3662
|
2024-11-21 10:19 |
2019-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299903
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redirection on the backend.
|
CWE-601
Open Redirect
|
CVE-2010-3661
|
2024-11-21 10:19 |
2019-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299904
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.
|
CWE-79
Cross-site Scripting
|
CVE-2010-3660
|
2024-11-21 10:19 |
2019-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299905
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to injec…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3659
|
2024-11-21 10:19 |
2017-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299906
|
9.8 |
CRITICAL
Network
|
apache_authenhook_project
|
apache_authenhook
|
libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log.
|
CWE-200
Information Exposure
|
CVE-2010-3845
|
2024-11-21 10:19 |
2017-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299907
|
- |
|
ffmpeg
mplayerhq
|
ffmpeg
mplayer
|
FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a mal…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3908
|
2024-11-21 10:19 |
2011-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299908
|
- |
|
microsoft
|
windows_server_2008
windows_xp
windows_7
windows_vista
windows_server_2003
windows_2003_server
|
fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2010-3974
|
2024-11-21 10:19 |
2011-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299909
|
- |
|
microsoft
|
.net_framework
|
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted X…
|
CWE-20
Improper Input Validation
|
CVE-2010-3958
|
2024-11-21 10:19 |
2011-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299910
|
- |
|
horde
|
groupware
dynamic_imp
|
Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupware Webmail Edition before 1.2.7, allows remote attackers to inject arbitrary web script or HTML via…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3693
|
2024-11-21 10:19 |
2011-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
