|
300491
|
- |
|
mybb
|
mybb
|
Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) before 1.4.12 allows remote attackers to hijack the authentication of unspecified victims via unknown vect…
|
CWE-352
Origin Validation Error
|
CVE-2010-4627
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300492
|
- |
|
mybb
|
mybb
|
The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly use the PHP mt_rand function, which makes it easier for remote attackers to obtain access to an arb…
|
CWE-310
Cryptographic Issues
|
CVE-2010-4626
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300493
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by r…
|
CWE-200
Information Exposure
|
CVE-2010-4625
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300494
|
- |
|
mybb
|
mybb
|
MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restrictions on the number of [img] MyCodes by editing a post after it has been created.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4624
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300495
|
- |
|
mybb
|
mybb
|
Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x before 1.6.1, allow remote attackers to inject arbitrary web script or HTML via vectors related to …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4522
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300496
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actio…
|
CWE-399
Resource Management Errors
|
CVE-2010-4623
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300497
|
- |
|
ibm
|
tivoli_access_manager_for_e-business
|
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (e…
|
CWE-22
Path Traversal
|
CVE-2010-4622
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300498
|
- |
|
clear
|
ispot_firmware
ispot
clearspot_firmware
clearspot
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2010-4507
|
2024-11-21 10:21 |
2010-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300499
|
- |
|
webscripti
|
mafya_oyun_scrpti
|
SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4619
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300500
|
- |
|
algisinfo
|
aicontactsafe
|
Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for Joomla! allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4618
|
2024-11-21 10:21 |
2010-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
