|
304931
|
- |
|
splunk
|
splunk
|
Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2503
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304932
|
- |
|
splunk
|
splunk
|
Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to mo…
|
CWE-22
Path Traversal
|
CVE-2010-2502
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304933
|
- |
|
mozilla
|
bugzilla
|
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2470
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304934
|
- |
|
moodle
|
moodle
|
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of…
|
CWE-352
Origin Validation Error
|
CVE-2010-2231
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304935
|
- |
|
moodle
|
moodle
|
The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2230
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304936
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2229
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304937
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2228
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304938
|
- |
|
linearcorp
|
emerge_50
emerge_5000
|
The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the de…
|
CWE-255
Credentials Management
|
CVE-2010-2469
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304939
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for con…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2468
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304940
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, w…
|
CWE-255
Credentials Management
|
CVE-2010-2467
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
