|
301041
|
- |
|
apache
|
tomcat
|
Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not make the ServletContext attribute read-only, which allows local web applications to read or write …
|
NVD-CWE-Other
|
CVE-2010-3718
|
2024-11-21 10:19 |
2011-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301042
|
- |
|
modxcms
|
evolution
|
Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE…
|
CWE-22
Path Traversal
|
CVE-2010-3930
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301043
|
- |
|
modxcms
|
evolution
|
SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.
|
CWE-89
SQL Injection
|
CVE-2010-3929
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301044
|
- |
|
apache
|
couchdb
|
Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) in Apache CouchDB 0.8.0 through 1.0.1 allow remote attackers to inject arbitrary web script or HTML…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3854
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301045
|
- |
|
symantec
|
im_manager
|
Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM Manager 8.4.16 and earlier allows remote attackers to execute arbitrary code via unspecified param…
|
CWE-94
Code Injection
|
CVE-2010-3719
|
2024-11-21 10:19 |
2011-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301046
|
- |
|
apache
debian
canonical
|
openoffice
debian_linux
ubuntu_linux
|
soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current…
|
CWE-22
Path Traversal
|
CVE-2010-3689
|
2024-11-21 10:19 |
2011-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301047
|
- |
|
lunascape
|
lunascape
|
Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
|
NVD-CWE-Other
|
CVE-2010-3927
|
2024-11-21 10:19 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301048
|
- |
|
linux-pam
|
linux-pam
|
pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might …
|
NVD-CWE-Other
|
CVE-2010-3853
|
2024-11-21 10:19 |
2011-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301049
|
- |
|
libfuse_project
|
libfuse
|
FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the moun…
|
CWE-59
Link Following
|
CVE-2010-3879
|
2024-11-21 10:19 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301050
|
- |
|
rocomotion
|
pm_bbs
pplog_2
p_forum
p_diary_r
pm_forum
p_link_compact
pplog
p_board
p_link
p_up_board
|
Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and other versions, P forum 1.30 and earlier, P up board 1.38 and other versions, P diary R 1.13 and e…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3931
|
2024-11-21 10:19 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
