|
308961
|
- |
|
splunk
|
splunk
|
Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to mo…
|
CWE-22
Path Traversal
|
CVE-2010-2502
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308962
|
- |
|
mozilla
|
bugzilla
|
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enabled, uses world-readable permissions within (1) .bzr/ and (2) data/webdot/, which allows local user…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2470
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308963
|
- |
|
moodle
|
moodle
|
Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to hijack the authentication of…
|
CWE-352
Origin Validation Error
|
CVE-2010-2231
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308964
|
- |
|
moodle
|
moodle
|
The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does not properly handle vbscript URIs, which allows remote authenticated users to conduct cross-site sc…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2230
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308965
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 allow remote attackers to inject arbitrary web script or HTML via unspecified para…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2229
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308966
|
- |
|
moodle
|
moodle
|
Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.13 and 1.9.x before 1.9.9 allows remote attackers to inject arbitrary web script or HTML via vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2010-2228
|
2024-11-21 10:16 |
2010-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308967
|
- |
|
linearcorp
|
emerge_50
emerge_5000
|
The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which makes it easier for remote attackers to obtain Video Recorder data by establishing a session to the de…
|
CWE-255
Credentials Management
|
CVE-2010-2469
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308968
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, uses a weak hash algorithm for storing the Administrator password, which makes it easier for con…
|
CWE-310
Cryptographic Issues
|
CVE-2010-2468
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308969
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not require setting a password for the FTP server that stores database backups, w…
|
CWE-255
Credentials Management
|
CVE-2010-2467
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308970
|
- |
|
s2sys
linearcorp
sonitrol
|
netbox
emerge_50
emerge_5000
eaccess
|
The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attacke…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-2466
|
2024-11-21 10:16 |
2010-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
