|
303801
|
- |
|
hp
|
insight_recovery
|
Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4101
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303802
|
- |
|
hp
|
insight_control_performance_management
|
Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows remote attackers to read arbitrary files via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4100
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303803
|
- |
|
hp
|
insight_control_performance_management
|
Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2010-4032
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303804
|
- |
|
hp
|
insight_control_performance_management
|
Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote authenticated users to gain privileges via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4031
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303805
|
- |
|
hp
|
insight_control_performance_management
|
Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2010-4030
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303806
|
- |
|
freshwebmaster
|
fresh_ftp
|
Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename. NOTE…
|
CWE-22
Path Traversal
|
CVE-2010-4149
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303807
|
- |
|
anyconnect
|
anyconnect
|
Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP servers to write arbitrary files via a "..\" (dot dot backslash) in a filename.
|
CWE-22
Path Traversal
|
CVE-2010-4148
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303808
|
- |
|
avactis
|
avactis_shopping_cart
|
Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edition and earlier allow remote attackers to execute arbitrary SQL commands via the User-Agent header …
|
CWE-89
SQL Injection
|
CVE-2010-4147
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303809
|
- |
|
attachmate
|
reflection_for_the_web
|
Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.569 and earlier), 2008 R1, and 9.6 and earlier allows remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4146
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303810
|
- |
|
aspindir
|
kisisel_radyo_script
|
Kisisel Radyo Script stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for sevvo/eco23.mdb.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4145
|
2024-11-21 10:20 |
2010-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
