|
349581
|
- |
|
speedtech
|
storm
|
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary we…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2158
|
2010-06-8 13:00 |
2010-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349582
|
- |
|
novell
|
netware
|
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, …
|
NVD-CWE-noinfo
|
CVE-2003-1591
|
2010-06-8 13:00 |
2010-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349583
|
- |
|
novell
|
netware_ftp_server
netware
|
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2003-1596
|
2010-06-8 13:00 |
2010-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349584
|
- |
|
novell
|
netware_ftp_server
netware
|
NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2002-2433
|
2010-06-8 13:00 |
2010-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349585
|
- |
|
novell
|
netware_ftp_server
netware
|
NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.
|
NVD-CWE-noinfo
|
CVE-2002-2434
|
2010-06-8 13:00 |
2010-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349586
|
- |
|
gnu
|
nano
|
GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a …
|
CWE-59
Link Following
|
CVE-2010-1160
|
2010-06-7 13:00 |
2010-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349587
|
- |
|
gnu
|
nano
|
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related…
|
CWE-362
Race Condition
|
CVE-2010-1161
|
2010-06-7 13:00 |
2010-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349588
|
- |
|
emweb
|
wt
|
Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal arguments, which has unspecified impact and remote attack vectors.
|
CWE-20
Improper Input Validation
|
CVE-2010-1273
|
2010-06-7 13:00 |
2010-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349589
|
- |
|
jasper
|
httpdx
|
Multiple format string vulnerabilities in the tolog function in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 allow (1) remote attackers to execute arbitrary code via format string specifiers in a GET re…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2009-4769
|
2010-06-7 13:00 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
349590
|
- |
|
jasper
|
httpdx
|
The FTP server component in httpdx 1.4, 1.4.5, 1.4.6, 1.4.6b, and 1.5 has a default password of pass123 for the moderator account, which makes it easier for remote attackers to obtain privileged acce…
|
CWE-255
Credentials Management
|
CVE-2009-4770
|
2010-06-7 13:00 |
2010-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
