|
302781
|
- |
|
memcache_project
|
memcache
|
The Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal does not properly handle the $user object in memcache_admin, which might "lead to a role change not being recognized until th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5276
|
2024-11-21 10:22 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302782
|
- |
|
memcache_project
|
memcache
|
Cross-site scripting (XSS) vulnerability in memcache_admin in the Memcache module 5.x before 5.x-1.10 and 6.x before 6.x-1.6 for Drupal allows remote attackers to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2010-5275
|
2024-11-21 10:22 |
2012-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302783
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) pas…
|
CWE-310
Cryptographic Issues
|
CVE-2010-5079
|
2024-11-21 10:22 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302784
|
- |
|
silverstripe
|
silverstripe
|
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain version information v…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5078
|
2024-11-21 10:22 |
2012-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302785
|
- |
|
wordpress
|
wordpress
|
The XML-RPC remote publishing interface in xmlrpc.php in WordPress before 3.0.3 does not properly check capabilities, which allows remote authenticated users to bypass intended access restrictions, a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-5106
|
2024-11-21 10:22 |
2012-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302786
|
- |
|
pkware
|
pkzip
|
Untrusted search path vulnerability in PKZIP before 12.50.0014 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a director…
|
NVD-CWE-Other
|
CVE-2010-5274
|
2024-11-21 10:22 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302787
|
- |
|
altova
|
diffdog_2011
|
Untrusted search path vulnerability in Altova DiffDog 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonst…
|
NVD-CWE-Other
|
CVE-2010-5273
|
2024-11-21 10:22 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302788
|
- |
|
altova
|
databasespy_2011
|
Untrusted search path vulnerability in Altova DatabaseSpy 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as dem…
|
NVD-CWE-Other
|
CVE-2010-5272
|
2024-11-21 10:22 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302789
|
- |
|
altova
|
mapforce
|
Untrusted search path vulnerability in Altova MapForce 2011 Enterprise Edition SP1 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demons…
|
NVD-CWE-Other
|
CVE-2010-5271
|
2024-11-21 10:22 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
302790
|
- |
|
adobe
|
device_central_cs4
|
Multiple untrusted search path vulnerabilities in Adobe Device Central CS4 2.0.0 0476 allow local users to gain privileges via a Trojan horse (1) ibfs32.dll or (2) amt_cdb.dll file in the current wor…
|
NVD-CWE-Other
|
CVE-2010-5270
|
2024-11-21 10:22 |
2012-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
