|
303611
|
- |
|
ibm
|
web_content_manager
|
The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote authenticated users to bypass intended access restrictions on draft creation by leveraging certain r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4806
|
2024-11-21 10:21 |
2011-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303612
|
7.5 |
HIGH
Network
|
linux
redhat
|
linux_kernel
enterprise_linux
|
The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by se…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2010-4805
|
2024-11-21 10:21 |
2011-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303613
|
- |
|
libtiff
|
libtiff
|
Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified …
|
CWE-189
Numeric Errors
|
CVE-2010-4665
|
2024-11-21 10:21 |
2011-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303614
|
- |
|
mojolicious
|
mojolicious
|
Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4803
|
2024-11-21 10:21 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303615
|
- |
|
mojolicious
|
mojolicious
|
Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-4802
|
2024-11-21 10:21 |
2011-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303616
|
- |
|
baconmap
|
baconmap
|
Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the filepath parameter.
|
CWE-22
Path Traversal
|
CVE-2010-4801
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303617
|
- |
|
baconmap
|
baconmap
|
SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrary SQL commands via the type parameter.
|
CWE-89
SQL Injection
|
CVE-2010-4800
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303618
|
- |
|
chipmunk-scripts
|
pwngame
|
Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the (1) username and (2) password param…
|
CWE-89
SQL Injection
|
CVE-2010-4799
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303619
|
- |
|
orangehrm
|
orangehrm
|
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
|
CWE-22
Path Traversal
|
CVE-2010-4798
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303620
|
- |
|
truworthit
|
flex_timesheet
|
Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote attackers to execute arbitrary SQL commands via the (1) Username and (2) Password fields.
|
CWE-89
SQL Injection
|
CVE-2010-4797
|
2024-11-21 10:21 |
2011-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
