|
300561
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4546
|
2024-11-21 10:21 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300562
|
- |
|
ibm
|
lotus_notes_traveler
|
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (resource consumption and sync outage) by syncing a large volume of data.
|
CWE-399
Resource Management Errors
|
CVE-2010-4545
|
2024-11-21 10:21 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300563
|
- |
|
ibm
|
lotus_notes_traveler
|
Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4544
|
2024-11-21 10:21 |
2010-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300564
|
- |
|
wobeo
|
wp-safe-search
|
Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search plugin 0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the v1 …
|
CWE-79
Cross-site Scripting
|
CVE-2010-4518
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300565
|
- |
|
harmistechnology
|
com_jeauto
|
SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the cha…
|
CWE-89
SQL Injection
|
CVE-2010-4517
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300566
|
- |
|
jxtended
|
jxtended_comments
|
Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 for Joomla allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4516
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300567
|
- |
|
citrix
|
web_interface
|
Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability th…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4515
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300568
|
- |
|
zimplit
|
zimplit_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0, and possibly earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) file parameter in a load action…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4513
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300569
|
- |
|
michael_dehaan
|
cobbler
|
Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified impact by leveraging world writable permissions for files and directories.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4512
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300570
|
- |
|
sixapart
|
movabletype
|
Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the "dynamic publishing error message."
|
NVD-CWE-noinfo
|
CVE-2010-4511
|
2024-11-21 10:21 |
2010-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
