|
308101
|
- |
|
egroupware
|
egroupware
|
Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 before 9.1.20100309 and 9.2 before 9.2.20100309;…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3314
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308102
|
- |
|
egroupware
|
egroupware
|
phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in EGroupware 1.4.001+.002; 1.6.001+.002 and possibly other versions before 1.6.003; and EPL 9.1 befor…
|
CWE-94
Code Injection
|
CVE-2010-3313
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308103
|
- |
|
linux
suse
canonical
|
linux_kernel
linux_enterprise_real_time_extension
ubuntu_linux
|
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit ent…
|
CWE-269
Improper Privilege Management
|
CVE-2010-3301
|
2024-11-21 10:18 |
2010-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308104
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc4 does not properly initialize certa…
|
CWE-399
Resource Management Errors
|
CVE-2010-3477
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308105
|
- |
|
drupal
|
drupal
|
Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authenticated users with certain privileges to inject arbitrary web script or HTML via (1) an action descrip…
|
CWE-79
Cross-site Scripting
|
CVE-2010-3094
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308106
|
- |
|
drupal
|
drupal
|
The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users with certain privileges to bypass intended access restrictions and reinstate removed comments via a …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3093
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308107
|
- |
|
drupal
|
drupal
|
The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insensitive filename handling in a database configuration, which allows remote authenticated users to by…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3092
|
2024-11-21 10:18 |
2010-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308108
|
- |
|
otrs
|
otrs
|
Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle the matching of Perl regular expressions against HTML e-mail messages, which allows remote attacke…
|
CWE-20
Improper Input Validation
|
CVE-2010-3476
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308109
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3475
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308110
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypas…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-3474
|
2024-11-21 10:18 |
2010-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
