|
309311
|
- |
|
accoria
|
rock_web_server
|
Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to have an unspecified impact via format string specifiers in the path (aka Passwo…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2010-2271
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309312
|
- |
|
accoria
|
rock_web_server
|
Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
|
CWE-310
Cryptographic Issues
|
CVE-2010-2270
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309313
|
- |
|
accoria
|
rock_web_server
|
Directory traversal vulnerability in loadstatic.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter.
|
CWE-22
Path Traversal
|
CVE-2010-2269
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309314
|
- |
|
accoria
|
rock_web_server
|
Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows remote attackers to hijack the authentication of administrators for requests th…
|
CWE-352
Origin Validation Error
|
CVE-2010-2268
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309315
|
- |
|
accoria
|
rock_web_server
|
Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4.7 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the get…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2267
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309316
|
- |
|
pxsystem
|
plume-cms
|
Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrat…
|
CWE-352
Origin Validation Error
|
CVE-2010-2294
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309317
|
- |
|
d-link
|
di-604
|
The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size.
|
CWE-20
Improper Input Validation
|
CVE-2010-2293
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309318
|
- |
|
d-link
|
di-604
|
Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field.
|
CWE-79
Cross-site Scripting
|
CVE-2010-2292
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309319
|
- |
|
snom
|
voip_phone_firmware
|
Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows remote attackers to bypass intended restrictions and modify user credentials via unknown vectors. NO…
|
CWE-264
NVD-CWE-noinfo
Permissions, Privileges, and Access Controls
|
CVE-2010-2291
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309320
|
- |
|
mcafee
|
unified_threat_management_firewall_firmware
|
Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (UTM) Firewall (formerly SnapGear) firmware 3.0.0 through 4.0.6 allows remote attackers to inject arb…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2290
|
2024-11-21 10:16 |
2010-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
