|
306281
|
- |
|
tomatocms
|
tomatocms
|
Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password.
|
CWE-352
Origin Validation Error
|
CVE-2010-2282
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306282
|
- |
|
tomatocms
|
tomatocms
|
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword or (2) bannerid parameter in conj…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2281
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306283
|
- |
|
ibm
|
lotus_connections
|
Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via uns…
|
NVD-CWE-Other
|
CVE-2010-2280
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306284
|
- |
|
ibm
|
lotus_connections
|
The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0.2, when "forced SSL" is enabled, uses http for links, which has unspecified impact and remote atta…
|
NVD-CWE-Other
|
CVE-2010-2279
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306285
|
- |
|
ibm
|
lotus_connections
|
The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does not properly follow the "force SSL" setting, which might make it easier for remote attackers to ob…
|
NVD-CWE-Other
|
CVE-2010-2278
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306286
|
- |
|
ibm
|
lotus_connections
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) create or (2) edit form in …
|
CWE-79
Cross-site Scripting
|
CVE-2010-2277
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306287
|
- |
|
dojotoolkit
|
dojo
|
The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 has the copyTests=tru…
|
CWE-16
Configuration
|
CVE-2010-2276
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306288
|
- |
|
dojotoolkit
|
dojo
|
Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1.4.2 allows remote attackers to inject arbitrary web script or HTML via the theme parameter, as demo…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2275
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306289
|
- |
|
dojotoolkit
|
dojo
|
Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to redirect users to arbit…
|
NVD-CWE-Other
|
CVE-2010-2274
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306290
|
- |
|
dojotoolkit
|
dojo
|
Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before 1.2.4, 1.3.x before 1.3.3, and 1.4.x before 1.4.2 allow remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2273
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
