|
304551
|
- |
|
ibm
|
omnifind
|
The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of a session ID (aka SID) value to a single IP address, which allows remote attackers to perform arbit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3893
|
2024-11-21 10:19 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304552
|
- |
|
ibm
|
omnifind
|
Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x allows remote attackers to hijack web sessions by replaying a session ID…
|
NVD-CWE-Other
|
CVE-2010-3892
|
2024-11-21 10:19 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304553
|
- |
|
ibm
|
omnifind
|
Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interface in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to hijack the authenticatio…
|
CWE-352
Origin Validation Error
|
CVE-2010-3891
|
2024-11-21 10:19 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304554
|
- |
|
ibm
|
omnifind
|
Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise Edition before 9.1 allows remote attackers to inject arbitrary web script or HTML via the command parameter to the administration i…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3890
|
2024-11-21 10:19 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304555
|
- |
|
php
canonical
|
php
ubuntu_linux
|
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass …
|
CWE-20
Improper Input Validation
|
CVE-2010-3870
|
2024-11-21 10:19 |
2010-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304556
|
- |
|
microsoft
|
forefront_unified_access_gateway
|
Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gateway (UAG) 2010 Gold, 2010 Update 1, and 2010 Update 2 allows remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3936
|
2024-11-21 10:19 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304557
|
- |
|
adobe
|
flash_media_server
|
Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to execute arbitrary code via unspecified vectors, related to a "segmentation fault vuln…
|
CWE-94
Code Injection
|
CVE-2010-3635
|
2024-11-21 10:19 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304558
|
- |
|
adobe
|
flash_media_server
|
Unspecified vulnerability in the edge process in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to cause a denial of service via unknow…
|
NVD-CWE-noinfo
|
CVE-2010-3634
|
2024-11-21 10:19 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304559
|
- |
|
adobe
|
flash_media_server
|
Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows attackers to cause a denial of service (memory consumption) via unspecified vectors.
|
CWE-399
Resource Management Errors
|
CVE-2010-3633
|
2024-11-21 10:19 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304560
|
- |
|
mahara
|
mahara
|
Cross-site scripting (XSS) vulnerability in blocktype/groupviews/theme/raw/groupviews.tpl in Mahara before 1.3.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3871
|
2024-11-21 10:19 |
2010-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
