|
305691
|
- |
|
anecms
|
anecms_blog
|
Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the comment variable to mo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2437
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305692
|
- |
|
anecms
|
anecms_blog
|
SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO.
|
CWE-89
SQL Injection
|
CVE-2010-2436
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305693
|
- |
|
salvo_tomaselli
|
weborf_http_server
|
Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) via Unicode characters in a Connection HTTP header, and possibly other headers.
|
CWE-20
Improper Input Validation
|
CVE-2010-2435
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305694
|
- |
|
redhat
|
enterprise_virtualization_manager
|
The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before 2.2 does not properly pass the postzero parameter during operations on deleted volumes, which allow…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2224
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305695
|
- |
|
redhat
|
enterprise_virtualization_hypervisor
|
Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hypervisor) before 5.5-2.2 does not properly perform VM post-zeroing after the removal of a v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2223
|
2024-11-21 10:16 |
2010-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305696
|
- |
|
php
|
php
|
Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized…
|
CWE-399
Resource Management Errors
|
CVE-2010-2225
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305697
|
- |
|
ibm
|
websphere_ilog_jrules
|
Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere ILOG JRules 6.7 allow remote attackers to inject arbitrary web script or HTML via an RTS URL to (1) e…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2433
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305698
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2429
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305699
|
- |
|
wftpserver
|
wing_ftp_server
|
Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in Wing FTP Server for Windows 3.5.0 and earlier allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2428
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
305700
|
- |
|
southrivertech
|
titan_ftp_server
|
Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.1125, and probably earlier versions, allows remote authenticated users to read arbitrary files, determ…
|
CWE-22
Path Traversal
|
CVE-2010-2426
|
2024-11-21 10:16 |
2010-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
