|
300921
|
- |
|
cstr
|
festival
|
festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gai…
|
NVD-CWE-Other
|
CVE-2010-3996
|
2024-11-21 10:20 |
2010-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300922
|
- |
|
microsoft
|
windows_xp
windows_7
windows_vista
windows_server_2003
|
Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Professional SP3, Windows Server 2003 R2 Enterprise Edition SP3, Windows Vista Busine…
|
NVD-CWE-Other
|
CVE-2010-4182
|
2024-11-21 10:20 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300923
|
- |
|
yaws
|
yaws
|
Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslash) and other sequences.
|
CWE-22
Path Traversal
|
CVE-2010-4181
|
2024-11-21 10:20 |
2010-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300924
|
- |
|
exv2
|
exv2
|
Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web script or HTML via the (1) rssfeedURL parameter to manual/caferss/example.php and t…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4155
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300925
|
- |
|
rhinosoft
|
ftp_voyager
|
Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
|
CWE-22
Path Traversal
|
CVE-2010-4154
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300926
|
- |
|
crossftp
|
crossftp_pro
|
Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
|
CWE-22
Path Traversal
|
CVE-2010-4153
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300927
|
- |
|
4site
|
4site_cms
|
SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to execute arbitrary SQL commands via the cat parameter. NOTE: the i and th vectors…
|
CWE-89
SQL Injection
|
CVE-2010-4152
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300928
|
- |
|
deluxebb
|
deluxebb
|
SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the xthedateformat para…
|
CWE-89
SQL Injection
|
CVE-2010-4151
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300929
|
- |
|
wsnlinks
wsn
|
wsn_links
links
|
Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1)…
|
CWE-89
SQL Injection
|
CVE-2010-4006
|
2024-11-21 10:20 |
2010-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300930
|
- |
|
deliciousdays
|
cforms
|
Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cforms WordPress plugin 11.5 allow remote attackers to inject arbitrary web script or HTML via the (1)…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3977
|
2024-11-21 10:20 |
2010-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
